|
309631
|
- |
|
otrs
|
otrs
|
Cross-site scripting (XSS) vulnerability in the rich-text-editor component in Open Ticket Request System (OTRS) before 3.0.0-beta2 allows remote authenticated users to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4762
|
2024-11-21 10:21 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309632
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain …
|
CWE-200
Information Exposure
|
CVE-2010-4760
|
2024-11-21 10:21 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309633
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of ser…
|
CWE-20
Improper Input Validation
|
CVE-2010-4759
|
2024-11-21 10:21 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309634
|
- |
|
otrs
|
otrs
|
installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier f…
|
CWE-310
Cryptographic Issues
|
CVE-2010-4758
|
2024-11-21 10:21 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309635
|
- |
|
e107
|
e107
|
Cross-site scripting (XSS) vulnerability in submitnews.php in e107 before 0.7.23 allows remote attackers to inject arbitrary web script or HTML via the submitnews_title parameter, a different vector …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4757
|
2024-11-21 10:21 |
2011-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309636
|
- |
|
gnu
|
gnu_patch
|
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot…
|
CWE-22
Path Traversal
|
CVE-2010-4651
|
2024-11-21 10:21 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309637
|
- |
|
gnu
|
glibc
|
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not …
|
CWE-399
Resource Management Errors
|
CVE-2010-4756
|
2024-11-21 10:21 |
2011-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309638
|
- |
|
openbsd
freebsd
netbsd
|
openssh
freebsd
netbsd
openbsd
|
The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow…
|
CWE-399
Resource Management Errors
|
CVE-2010-4755
|
2024-11-21 10:21 |
2011-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309639
|
- |
|
openbsd
apple
netbsd
freebsd
|
openbsd
mac_os_x
netbsd
freebsd
|
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (C…
|
CWE-399
Resource Management Errors
|
CVE-2010-4754
|
2024-11-21 10:21 |
2011-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309640
|
- |
|
lightneasy
|
lightneasy
|
Cross-site scripting (XSS) vulnerability in LightNEasy.php in LightNEasy 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, which is not properly handled in a …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4753
|
2024-11-21 10:21 |
2011-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
