CVE-2010-1165
Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka attachments), (2) index (aka indexing), or (3) backup path and then uploading a file, as exploited in the wild in April 2010...
CVE-2010-1164
Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 through 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) element or (2) defaultColor parameter to the Colour Picker page; the (3) formName parameter, (4) element parameter, or (5) full name field to the Us...
RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities
RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities Vulnerable: v3.0.7.x Vendor: www.rj-itop.com Category: Input Validation Error Impact: SQL injection Details: ========= Multiple SQL Injection Vulnerabilities have been found in DRJ-iTop Network Vulnerability Scanne...
Microsoft Plugs Critical Drive-By Download Holes
Microsoft today released 11 security bulletins with fixes for a total of 25 security vulnerabilities, including several flaws that expose users to browse-and-you’re-hacked malicious drive-by download attacks. Two of the bulletins are rated “critical” for all versions of Microsoft’s flagship...
Worldviewer.com CMS SQL Injection
Exploit Title: Worldviewer.com CMS SQL Injection Vulnerability Date: 12-4-2010 Author: 41.w4r10r aka AN1L Software Link : Version: Web Application Tested on: Apache/Unix CVE : if exists Dork : inurl:"php/showContent.php?linkid=" Or inurl:"/php/showNews.php?newsid=" Code : This Is The CMS Created ...
Worldviewer.com CMS - SQL Injection
Exploit Title: Worldviewer.com CMS SQL Injection Vulnerability Date: 12-4-2010 Author: 41.w4r10r aka AN1L Software Link : Version: Web Application Tested on: Apache/Unix CVE : if exists Dork : inurl:"php/showContent.php?linkid=" Or inurl:"/php/showNews.php?newsid=" Code : This Is The CMS Created ...
Vulnerability in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Remote Command Execution. Component Type: TYPO3 Core Affected Versions: 4.3.0, 4.3.1 and 4.3.2 + development releases of 4.4 branch Vulnerability Types: Remote Command Execution Overall Severity: Critical Release Date: April 9, 2010 Vulnerab...
CVE-2010-0886
creationtimestamp | type | source
---|---|---
2010-04-09 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/41700
2010-04-09 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/12117
2010-04-09 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/12122
2010-09-21...
CVE-2010-1423
creationtimestamp | type | source
---|---|---
2010-04-09 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/41700
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/javawsarginjectaltjvm.rb
2025-02-06...
Oracle Java SE Multiple Vulnerabilities - Linux
Sun Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sun:jre"; if(description)...
GNOME Project libxslt Library RC4 Key String Buffer Overflow (CVE-2008-2935)
XSLT is an XML language to define transformation for XML. XSLT is designed for use as part of XSL, which is a stylesheet language for XML. In addition to XSLT, XSL includes an XML vocabulary for specifying formatting. There exists a heap-based buffer overflow vulnerability in RC4 libxslt...
Memory corruption
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...
Recently Patched Adobe PDF Flaw Being 'Actively Exploited'
Malicious hackers have pounced on a newly patched Adobe PDF Reader vulnerability to plant Trojan downloaders on tardy Windows users. According to researchers in Microsoft’s malware protection center, the vulnerability (CVE-2010-0188) was patched less than a month ago, proving that malicious hackers...
spamass-milter -- remote command execution vulnerability
The spamassassin milter plugin contains a vulnerability that can allow remote attackers to execute commands on affected systems. The vulnerability can be exploited through a specially crafted email header when the plugin was started with the '-x' expand flag...
ESA-2010-003: EMC HomeBase Server Arbitrary File Upload Vulnerability
ESA-2010-003: EMC HomeBase Server Arbitrary File Upload Vulnerability Identifier: ESA-2010-003 Identifier: HB6042 CVE Identifier: CVE-2010-0620 Severity Rating: CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) Affected products: EMC HomeBase Server version 6.2.x EMC HomeBase Server version 6.3....
LDF (Default.asp) Sql Injection Vulnerability
Product: LDF Vendor: www.ldf.22.cn Vulnerable Versions: All. The Default.asp page has an issue validating the "Page" parameter. It could be exploited by an attacker, and the attacker can inject arbitrary SQL commands http://www.example.com/ldf path/default.asp?page=SQL COMMAND...
Microsoft Windows GP Trap Handler Privilege Escalation Vulnerability
Microsoft Windows operating system is prone to a privilege escalation vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.900740. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and ar...
US-CERT Technical Cyber Security Alert TA10-013A -- Adobe Reader and Acrobat Vulnerabilities
National Cyber Alert System Technical Cyber Security Alert TA10-013A Adobe Reader and Acrobat Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected Adobe Reader and Acrobat 9.2 and earlier 9.x versions Adobe Reader a...
Adobe Reader/Acrobat Multiple Vulnerabilities (Jan 2010) - Windows
Adobe Reader/Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...