3458 matches found

UbuntuCve
added 2010/10/28 12:0 a.m., 27 views

CVE-2010-3933

Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs...

CVSS: 6.4, AI score: 6, EPSS: 0.0225
Exploits: 0, References: 2

Prion
added 2010/10/28 12:0 a.m., 22 views

Design/Logic Flaw

Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs...

CVSS: 6.4, AI score: 7.1, EPSS: 0.0225
Exploits: 0, References: 4, Affected Software: 1

Debian CVE
added 2010/10/27 10:0 p.m., 31 views

CVE-2010-3933

Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs...

CVSS: 6.4, AI score: 6.5, EPSS: 0.0225
Exploits: 0

Cvelist
added 2010/10/27 10:0 p.m., 21 views

CVE-2010-3933

Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs...

AI score: 6.5, EPSS: 0.0225
Exploits: 0, References: 4

UbuntuCve
added 2010/08/20 8:0 p.m., 22 views

CVE-2010-3063

The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used...

CVSS: 5, AI score: 6, EPSS: 0.01574
Exploits: 0, References: 1

OpenVAS
added 2010/08/16 12:0 a.m., 23 views

Pligg Multiple SQL Injection Vulnerabilities

Pligg CMS is prone to multiple SQL injection vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS: 7.5, AI score: 7.7, EPSS: 0.01258
Exploits: 0, References: 3

OpenVAS
added 2010/07/16 12:0 a.m., 31 views

Opera Browser Multiple Vulnerabilities july-10 (Win01)

The host is installed with Opera web browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvulnwin01july10.nasl 5323 2017-02-17 08:49:23Z teissa $ Opera Browser Multiple Vulnerabilities july-10 Win01 Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone...

CVSS: 9.3, AI score: 1.1, EPSS: 0.03902
Exploits: 0, References: 4

Cvelist
added 2010/07/07 6:0 p.m., 24 views

CVE-2010-2658

Opera before 10.60 does not properly restrict certain interaction between plug-ins, file inputs, and the clipboard, which allows user-assisted remote attackers to trigger the uploading of arbitrary files via a crafted web site...

AI score: 7.4, EPSS: 0.01633
Exploits: 0, References: 8

Opera Security Advisories
added 2010/06/29 12:0 a.m., 11 views

File inputs can disclose the path to selected files – Opera Security Advisories

File inputs can disclose the path to selected files – Opera Security Advisories OPCOM Team | June 29, 2010 Severity Less severe Description When a file is selected in a file upload input, the path to that file is not exposed through the input’s value property. This is done to protect any sensitiv...

AI score: 5.7
Exploits: 0, References: 1

Tenable Nessus
added 2010/06/22 12:0 a.m., 21 views

Opera < 10.54 Multiple Vulnerabilities

The version of Opera installed on the remote host is earlier than 10.54. Such versions are potentially affected by the following issues : - Web fonts may be used to trigger a privilege elevation vulnerability in the Windows operating system MS10-032 954 - It may be possible to use data URIs in a...

CVSS: 10, AI score: 6, EPSS: 0.05039
Exploits: 0, References: 11

Positive Technologies
added 2010/05/27 12:0 a.m., 6 views

PT-2010-3699 · Python +1

Name of the Vulnerable Software and Affected Versions: Python versions 2.7 through 3.2 Description: The issue arises from the audioop module in Python not verifying the relationships between size arguments and byte string lengths. This allows context-dependent attackers to cause a denial of...

CVSS: 7.5, AI score: 7.1, EPSS: 0.27924
Exploits: 4, References: 48

OpenVAS
added 2010/05/11 12:0 a.m., 25 views

REZERVI Belegungsplan und Gästedatenbank 'include/mail.inc.php' Remote File Include Vulnerability

UTILO REZERVI Belegungsplan und Gästedatenbank is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the...

CVSS: 6.8, AI score: 0.4, EPSS: 0.02393
Exploits: 1, References: 2

OpenVAS
added 2010/04/06 12:0 a.m., 29 views

libESMTP multiple vulnerabilities

This host has libESMTP installed and is prone to multiple vulnerabilities. Vulnerabilities Insight: Multiple flaws are due to: - An error in 'match_component' function in 'smtp-tls.c' when processing substrings. It treats two strings as equal if one is a substring of the other, which allows...

CVSS: 6.8, AI score: 0.4, EPSS: 0.01176
Exploits: 0, References: 3

0day.today
added 2010/03/21 12:0 a.m., 11 views

Left 4 Dead Stats 1.1 SQL Injection Vulnerability

Exploit for unknown platform in category web applications. Left 4 Dead Stats 1.1 SQL Injection Vulnerability. Left 4 Dead Stats SQL Injection Vulnerability Author: Sora Website:...

AI score: 7.1
Exploits: 0

Packet Storm
added 2010/03/15 12:0 a.m., 33 views

Ananta Gazelle 1.0 SQL Injection

www.BugReport.ir AmnPardaz Security Research Team Title: Ananta Gazelle SQL Injection Vulnerability Vendor: http://www.anantasoft.com/ Vulnerable Version: 1.0 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: Ananta Gazelle is a rich JavaScript enabled CMS with...

AI score: 0.3
Exploits: 0

Packet Storm
added 2010/01/15 12:0 a.m., 22 views

DasForum Local File Inclusion

DasForum layout Local File Inclusion Exploit. Works only with magic_quotes_gpc = off. Discovered: cr4wl3r. Download: http://mirror.vocabbuilder.net/savannah/dasforum/ Date:...

AI score: 7.4
Exploits: 0

Packet Storm
added 2010/01/12 12:0 a.m., 20 views

Calendar Express 2 Cross Site Scripting

Exploit Title: Calendar Express 2 Cross Site Scripting Exploit; Date: January 11th, 2010; Author: Sora; Version: 2.0; Tested on: Windows Vista Home Premium and Linux 2.6.32. Calendar Express 2 XSS Exploit; Author: Sora; Contact: vhr95zw at hotmail dot com; Website...

Exploits: 0

0day.today
added 2010/01/07 12:0 a.m., 18 views

Ulisse's Scripts 2.6.1 ladder.php SQL Injection Vulnerability

Exploit for unknown platform in category web applications. Ulisse's Scripts 2.6.1 ladder.php SQL Injection Vulnerability. Tested on: Windows Vista Home Premium and Linux...

AI score: 7.1
Exploits: 0

Packet Storm
added 2010/01/04 12:0 a.m., 13 views

Left 4 Dead Stats SQL Injection

Left 4 Dead Stats SQL Injection Vulnerability. Author: Sora; Contact: vhr95zw at hotmail dot com; Website: http://greyhathackers.wordpress.com/ Google Dork: "In your dreams, script kiddies." VULNERABILITY DESCRIPTION: Left 4 Dead Stats suffers from a remote SQL...

AI score: 0.6
Exploits: 0

exploitpack
added 2010/01/03 12:0 a.m., 21 views

Elite Gaming Ladders 3.0 - SQL Injection

Elite Gaming Ladders 3.0 - SQL Injection. Exploit Title: Elite Gaming Ladders v3.0 SQL Injection Exploit; Date: January 3rd, 2010; Author: Sora; Version: 3.0; Tested on: Windows and Linux. Elite Gaming Ladders v3.0 SQL Injection Exploit; Contact: vhr95zw at hotma...

AI score: 0.3
Exploits: 0