|
349791
|
- |
|
justsystems
|
ichitaro
|
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.
|
NVD-CWE-noinfo
|
CVE-2010-1424
|
2010-04-16 13:00 |
2010-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349792
|
- |
|
f-secure
|
anti-virus
f-secure_anti-virus
f-secure_anti-virus_client_security
f-secure_anti-virus_for_citrix_servers
f-secure_anti-virus_for_linux
f-secure_anti-virus_for_microsoft_exchange
f-…
|
F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.0…
|
NVD-CWE-Other
|
CVE-2010-1425
|
2010-04-16 13:00 |
2010-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349793
|
- |
|
mhd_zaher_ghaibeh
|
arab_cart
|
SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0724
|
2010-04-15 14:41 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349794
|
- |
|
mhd_zaher_ghaibeh
|
arab_cart
|
Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0725
|
2010-04-15 14:41 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349795
|
- |
|
preprojects
|
pre_classified_listings_asp
|
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1371
|
2010-04-15 06:03 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349796
|
- |
|
preprojects
|
pre_classified_listings_asp
|
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1369
|
2010-04-15 05:58 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349797
|
- |
|
uiga
|
fan_club
|
Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password…
|
CWE-89
SQL Injection
|
CVE-2010-1366
|
2010-04-15 05:49 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349798
|
- |
|
uiga
|
personal_portal
|
SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2010-1364
|
2010-04-15 04:37 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349799
|
- |
|
ben_jeavons
|
ownterm
|
Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1362
|
2010-04-14 22:59 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349800
|
- |
|
yasirpro
|
ms-pro_portal_scripti
|
YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4766
|
2010-04-14 21:44 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
