Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2365 | 1 Common1 | 1 Moobbs2 | 2010-08-31 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-2364 | 1 Common1 | 1 Moobbs | 2010-08-31 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-1129 | 1 Php | 1 Php | 2010-08-31 | 7.5 HIGH | N/A |
| The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function. | |||||
| CVE-2010-2945 | 1 Simone Rota | 1 Slim Simple Login Manager | 2010-08-31 | 6.9 MEDIUM | N/A |
| The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp. | |||||
| CVE-2010-3154 | 1 Adobe | 1 Extension Manager Cs5 | 2010-08-30 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in Adobe Extension Manager CS5 5.0.298 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .mxi or .mxp file. | |||||
| CVE-2002-2330 | 1 Uninet | 1 Statsplus | 2010-08-30 | 5.0 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to stats.html and executed in client browsers. | |||||
| CVE-2007-5227 | 1 Blackboard | 1 Blackboard Learning And Community Post Systems | 2010-08-30 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the (1) subject_t and (2) body_text parameters. NOTE: vector 2 requires bypassing a client-side security mechanism that attempts to block XSS sequences. | |||||
| CVE-2008-4325 | 1 Viewvc | 1 Viewvc | 2010-08-30 | 5.8 MEDIUM | N/A |
| lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the HTTP request for the Content-Type header in the HTTP response, which allows remote attackers to cause content to be misinterpreted by the browser via a content-type parameter that is inconsistent with the requested object. NOTE: this issue might not be a vulnerability, since it requires attacker access to the repository that is being viewed. | |||||
| CVE-2010-3031 | 1 Wyse | 1 Thinos Hf | 2010-08-30 | 10.0 HIGH | N/A |
| Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other versions before ThinOS 6.5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string to the LPD service. | |||||
| CVE-2010-3125 | 1 Wolterskluwer | 1 Teammate Audit Management Software Suite | 2010-08-26 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx file. | |||||
| CVE-2009-4995 | 1 Smartertools | 1 Smartertrack | 2010-08-26 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the email address field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4994 | 1 Smartertools | 1 Smartertrack | 2010-08-26 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2010-1802 | 1 Apple | 3 Libsecurity, Mac Os X, Mac Os X Server | 2010-08-26 | 6.4 MEDIUM | N/A |
| libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com. | |||||
| CVE-2010-1808 | 1 Apple | 3 Apple Type Services, Mac Os X, Mac Os X Server | 2010-08-26 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | |||||
| CVE-2010-3121 | 1 Devonit | 1 Thin-client Management Tool | 2010-08-26 | 7.5 HIGH | N/A |
| Buffer overflow in tm-console-bin in the DevonIT thin-client management tool might allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-1800 | 1 Apple | 3 Cfnetwork, Mac Os X, Mac Os X Server | 2010-08-26 | 5.0 MEDIUM | N/A |
| CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses. | |||||
| CVE-2010-3122 | 1 Devonit | 1 Thin-client Management Tool | 2010-08-26 | 5.0 MEDIUM | N/A |
| The DevonIT thin-client management tool relies on a shared secret for authentication but transmits the secret in cleartext, which makes it easier for remote attackers to discover the secret value, and consequently obtain administrative control over client machines, by sniffing the network. | |||||
| CVE-2009-4991 | 1 Omnistaretools | 1 Omnistar Recruiting | 2010-08-25 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in users/resume_register.php in Omnistar Recruiting allows remote attackers to inject arbitrary web script or HTML via the job2 parameter. | |||||
| CVE-2009-4990 | 2 Drupal, Jrbcs | 2 Drupal, Webform Report | 2010-08-25 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Webform report module 5.x and 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a submission. | |||||
| CVE-2009-4989 | 1 Ajsquare | 1 Aj Auction Pro-oopd | 2010-08-25 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action. | |||||