Vulnerabilities > Splunk
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-28 | CVE-2010-2502 | Path Traversal vulnerability in Splunk Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files, aka SPL-31194; (2) remote authenticated users to modify arbitrary files, aka SPL-31063; or (3) have an unknown impact via redirects, aka SPL-31067. | 7.5 |
2010-06-24 | CVE-2010-2429 | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not Found" response. | 4.3 |