Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2146 | 1 Graviton-mediatech | 1 Visitor Logger | 2010-06-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in banned.php in Visitor Logger allows remote attackers to execute arbitrary PHP code via a URL in the VL_include_path parameter. | |||||
| CVE-2010-2151 | 1 Fujitsu | 1 E-pares | 2010-06-04 | 2.6 LOW | N/A |
| Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors. | |||||
| CVE-2010-2144 | 1 Zeeways | 1 Ebay Clone Auction Script | 2010-06-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways eBay Clone Auction Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2150 | 1 Fujitsu | 1 E-pares | 2010-06-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability Fujitsu e-Pares V01 L01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0793 | 1 Barnowl | 1 Barnowl | 2010-06-03 | 7.5 HIGH | N/A |
| Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header. | |||||
| CVE-2010-0745 | 1 Dovecot | 1 Dovecot | 2010-06-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message. | |||||
| CVE-2009-4784 | 2 Joaktree, Joomla | 2 Com Joaktree, Joomla\! | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php. | |||||
| CVE-2010-2140 | 1 Multishopcms | 1 Multishop Cms | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-7255 | 1 Amsn | 1 Amsn | 2010-06-03 | 4.6 MEDIUM | N/A |
| login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation. | |||||
| CVE-2009-4790 | 1 Sysax | 1 Multi Server | 2010-06-03 | 9.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-1153 | 1 Typo3 | 1 Typo3 | 2010-06-03 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable. | |||||
| CVE-2009-4785 | 2 Bhavesh Chauhan, Joomla | 2 Com Quicknews, Joomla\! | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php. | |||||
| CVE-2009-4788 | 1 Pligg | 1 Pligg Cms | 2010-06-03 | 4.3 MEDIUM | N/A |
| Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the (1) return parameter to pligg/login.php and the (2) HTTP Referer header to user_settings.php. | |||||
| CVE-2010-2139 | 1 Multishopcms | 1 Multishop Cms | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pages.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4789 | 2 Joomla, Mojoblog | 2 Joomla, Mojoblog | 2010-06-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) wp-comments-post.php and (2) wp-trackback.php. | |||||
| CVE-2010-2115 | 1 Solarwinds | 1 Tftp Server | 2010-06-01 | 5.0 MEDIUM | N/A |
| SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request. | |||||
| CVE-2010-1718 | 2 Joomla, Lispeltuut | 2 Joomla\!, Com Archeryscores | 2010-06-01 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-2022 | 1 Freebsd | 1 Freebsd | 2010-06-01 | 3.3 LOW | N/A |
| jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations. | |||||
| CVE-2010-2112 | 1 Intervations | 1 Filecopa | 2010-06-01 | 8.8 HIGH | N/A |
| Directory traversal vulnerability in the FTP service in FileCOPA before 5.03 allows remote attackers to read or overwrite arbitrary files via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-2114 | 1 Brekeke | 1 Pbx | 2010-06-01 | 2.6 LOW | N/A |
| Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke PBX 2.4.4.8 allows remote attackers to hijack the authentication of users for requests that change passwords via the pbxadmin.web.PbxUserEdit bean. | |||||