CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11851 CVE-2010-2425 22 Dir. Trav. 2010-06-24 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
11852 CVE-2010-2420 DoS Exec Code 2010-06-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser 1.0.0 and 1.0.5 alpha, a module for the Sleipnir web browser, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the Gecko engine.
11853 CVE-2010-2419 2010-10-13 2010-11-11
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
11854 CVE-2010-2405 2010-10-13 2016-11-23
6.0
None Remote Medium Single system Partial Partial Partial
Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-3500.
11855 CVE-2010-2375 2010-07-13 2018-10-30
6.4
None Remote Low Not required Partial Partial None
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
11856 CVE-2010-2369 +Priv 2010-10-18 2010-10-19
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
11857 CVE-2010-2368 +Priv 2010-10-18 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
11858 CVE-2010-2350 119 DoS Exec Code Overflow 2010-06-21 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNG file.
11859 CVE-2010-2345 352 CSRF 2010-06-21 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password, and other unspecified requests.
11860 CVE-2010-2340 89 1 Exec Code Sql 2010-06-18 2010-06-21
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in members.php in Arab Portal 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the by parameter in the msearch action.
11861 CVE-2010-2337 20 2010-07-28 2017-08-16
6.0
None Remote Medium Single system Partial Partial Partial
Open redirect vulnerability in RSA Federated Identity Manager 4.0 before 4.0.25 and 4.1 before 4.1.26 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unknown vectors.
11862 CVE-2010-2314 94 2 Exec Code File Inclusion 2010-06-17 2010-06-18
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0.8 and 0.9 for Nucleus, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PLUGINS parameter. NOTE: some of these details are obtained from third party information.
11863 CVE-2010-2313 22 2 Dir. Trav. 2010-06-17 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS) 2.6.10, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to index.php. NOTE: some of these details are obtained from third party information.
11864 CVE-2010-2294 352 CSRF 2010-06-15 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and possibly earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors.
11865 CVE-2010-2293 20 DoS 2010-06-15 2018-10-10
6.8
None Remote Low Single system None None Complete
The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size.
11866 CVE-2010-2268 352 CSRF 2010-06-15 2010-06-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests that create user accounts.
11867 CVE-2010-2253 20 Exec Code 2010-07-06 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
11868 CVE-2010-2252 20 Exec Code 2010-07-06 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
11869 CVE-2010-2236 20 Exec Code 2014-04-15 2014-04-16
6.0
None Remote Medium Single system Partial Partial Partial
The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, related to backticks.
11870 CVE-2010-2234 352 CSRF 2010-08-19 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL.
11871 CVE-2010-2231 352 CSRF 2010-06-28 2010-09-09
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter.
11872 CVE-2010-2227 119 DoS Overflow +Info 2010-07-13 2018-10-10
6.4
None Remote Low Not required Partial None Partial
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
11873 CVE-2010-2203 119 DoS Exec Code Overflow Mem. Corr. 2010-06-30 2017-09-18
6.8
User Remote Medium Not required Partial Partial Partial
Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
11874 CVE-2010-2191 119 Overflow Mem. Corr. +Info 2010-06-07 2017-08-16
6.4
None Remote Low Not required Partial Partial None
The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature.
11875 CVE-2010-2159 119 DoS Exec Code Overflow Mem. Corr. 2010-06-07 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Dameng DM Database Server allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to the SP_DEL_BAK_EXPIRED procedure in wdm_dll.dll, which triggers memory corruption.
11876 CVE-2010-2153 Exec Code 2010-06-03 2010-06-04
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in admin/code/tce_functions_tcecode_editor.php in TCExam 10.1.006 and 10.1.007 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in cache/.
11877 CVE-2010-2138 22 2 Dir. Trav. 2010-06-02 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earlier allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SESSION[userLang] parameter to (1) elisttasks.php, (2) managepmanagers.php, (3) manageusers.php, (4) helpfunc.php, (5) managegroups.php, (6) manageprocess.php, and (7) manageusersgroups.php.
11878 CVE-2010-2136 22 1 Dir. Trav. 2010-06-02 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in admin/index.php in Article Friendly, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
11879 CVE-2010-2129 22 2 Dir. Trav. 2010-06-01 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.
11880 CVE-2010-2122 22 2 Dir. Trav. 2010-06-01 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
11881 CVE-2010-2116 264 +Priv 2010-05-28 2010-06-01
6.5
None Remote Low Single system Partial Partial Partial
The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do.
11882 CVE-2010-2094 134 Exec Code +Info 2010-05-27 2011-01-26
6.8
None Remote Medium Not required Partial Partial Partial
Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the (1) phar_stream_flush, (2) phar_wrapper_unlink, (3) phar_parse_url, or (4) phar_wrapper_open_url functions in ext/phar/stream.c; and the (5) phar_wrapper_open_dir function in ext/phar/dirstream.c, which triggers errors in the php_stream_wrapper_log_error function.
11883 CVE-2010-2074 20 2010-06-16 2010-09-09
6.8
None Remote Medium Not required Partial Partial Partial
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
11884 CVE-2010-2067 119 DoS Exec Code Overflow 2010-06-24 2018-11-16
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.
11885 CVE-2010-2065 189 DoS Exec Code Overflow 2010-06-24 2013-05-14
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.
11886 CVE-2010-2039 352 2 CSRF 2010-05-25 2017-08-16
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an Admin_Users action to index.php. NOTE: some of these details are obtained from third party information.
11887 CVE-2010-2026 287 Bypass 2010-05-26 2010-05-27
6.4
None Remote Low Not required None Partial Partial
The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page.
11888 CVE-2010-2025 352 CSRF 2010-05-26 2010-05-27
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allow remote attackers to hijack the authentication of administrators for requests that (1) reset the modem, (2) erase the firmware, (3) change the administrative password, (4) install modified firmware, or (5) change the access level, as demonstrated by a request to goform/_aslvl.
11889 CVE-2010-2020 20 2 +Priv 2010-05-28 2012-11-05
6.9
None Local Medium Not required Complete Complete Complete
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.
11890 CVE-2010-2019 89 Exec Code Sql 2010-05-24 2010-05-24
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11891 CVE-2010-2015 89 Exec Code Sql 2010-05-24 2010-05-24
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id parameter to cp/edit_email.php.
11892 CVE-2010-2012 89 1 Exec Code Sql 2010-05-24 2010-05-24
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo action. NOTE: some of these details are obtained from third party information.
11893 CVE-2010-2007 352 CSRF 2010-05-20 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that use (1) op/op.EditUserData.php, (2) op/op.UsrMgr.php, (3) out/out.RemoveVersion.php, (4) op/op.RemoveFolder.php, (5) op/op.DefaultKeywords.php, (6) op/op.GroupMgr.php, (7) op/op.FolderAccess.php, (8) op/op.FolderNotify.php, or (9) op.MoveFolder.php in mydms.
11894 CVE-2010-2006 22 Dir. Trav. 2010-05-20 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
11895 CVE-2010-1999 22 2 Dir. Trav. 2010-05-20 2010-05-21
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069.
11896 CVE-2010-1981 22 2 Dir. Trav. 2010-05-19 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
11897 CVE-2010-1979 22 1 Dir. Trav. 2010-05-19 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
11898 CVE-2010-1978 94 1 Exec Code File Inclusion 2010-05-19 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpincdir parameter. NOTE: some of these details are obtained from third party information.
11899 CVE-2010-1974 Exec Code 2010-05-19 2010-05-21
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the Safe (aka Safe.pm) module before 2.25 for Perl allow context-dependent attackers to inject and execute arbitrary code via vectors related to "automagic methods." NOTE: this might overlap CVE-2010-1169 or CVE-2010-1447.
11900 CVE-2010-1973 +Priv +Info 2010-07-22 2018-10-30
6.8
None Local Low Single system Complete Complete Complete
Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.