|
313081
|
- |
|
openbsd
|
openssh
|
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared …
|
CWE-287
Improper Authentication
|
CVE-2010-4478
|
2024-11-21 10:21 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313082
|
6.1 |
MEDIUM
Network
|
vanillaforums
|
vanilla_forums
|
It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher.
|
-
|
CVE-2010-4266
|
2024-11-21 10:20 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313083
|
6.1 |
MEDIUM
Network
|
vanillaforums
|
vanilla_forums
|
It was found in vanilla forums before 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side.
|
-
|
CVE-2010-4264
|
2024-11-21 10:20 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313084
|
5.5 |
MEDIUM
Local
|
oracle fedoraproject
|
mysql-gui-tools fedora
|
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2010-4177
|
2024-11-21 10:20 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313085
|
5.5 |
MEDIUM
Local
|
oracle fedoraproject
|
mysql-gui-tools fedora
|
MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2010-4178
|
2024-11-21 10:20 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313086
|
5.9 |
MEDIUM
Network
|
mercurial
|
mercurial
|
Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-midd…
|
CWE-295
Improper Certificate Validation
|
CVE-2010-4237
|
2024-11-21 10:20 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313087
|
6.1 |
MEDIUM
Network
|
translatehouse
|
pootle
|
pootle 2.0.5 has XSS via 'match_names' parameter
|
CWE-79
Cross-site Scripting
|
CVE-2010-4245
|
2024-11-21 10:20 |
2019-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313088
|
8.8 |
HIGH
Network
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki Wiki CMS Groupware 5.2 has CSRF
|
CWE-352
Origin Validation Error
|
CVE-2010-4241
|
2024-11-21 10:20 |
2019-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313089
|
6.1 |
MEDIUM
Network
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki Wiki CMS Groupware 5.2 has XSS
|
CWE-79
Cross-site Scripting
|
CVE-2010-4240
|
2024-11-21 10:20 |
2019-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313090
|
9.8 |
CRITICAL
Network
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion
|
CWE-20
Improper Input Validation
|
CVE-2010-4239
|
2024-11-21 10:20 |
2019-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|