| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function. |
| The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects." |
| Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote authenticated institution administrators to reset a site administrator password via unspecified vectors. |
| NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails. |
| The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors. |
| The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG document. |
| vtiger CRM before 5.1.0 allows remote authenticated users, with certain View privileges, to delete (1) attachments, (2) reports, (3) filters, (4) views, and (5) tickets; insert (6) attachments, (7) reports, (8) filters, (9) views, and (10) tickets; and edit (11) reports, (12) filters, (13) views, and (14) tickets via unspecified vectors. |
| vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile. |
| include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence fields of a calendar via a custom view. |
| member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter. |
| The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Python modules. |
| TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to admin/backup/db. |
| Unrestricted file upload vulnerability in submit_file.php in AlstraSoft SendIt Pro allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in send/files/. |
| Unrestricted file upload vulnerability in PHPStore Job Search (aka PHPCareers) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a resume photo, then accessing it via a direct request to the file in jobseekers/jobseeker_profile_images. |
| Unrestricted file upload vulnerability in PHPStore Real Estate allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in realty/re_images/. |
| Unrestricted file upload vulnerability in PHPStore Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in cars/cars_images/. |
| Unrestricted file upload vulnerability in PHPStore Complete Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in classifieds1/yellow_images/. |
| Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photoes/. |
| Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a direct request to the file in photoes/. |
| Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in galeria/. |
