|
345581
|
- |
|
bukulokomedia
|
lokomedia_cms
|
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2010-2018
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345582
|
- |
|
mgenti
|
tftputil_gui
|
Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2028
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345583
|
- |
|
cybozu
|
cybozu_office
cybozu_dotsales
|
Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the uni…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2029
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345584
|
- |
|
alan_palazzolo
|
external_link_page
|
Cross-site scripting (XSS) vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2030
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345585
|
- |
|
kingsoft
|
webshield
|
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVS…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2031
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345586
|
- |
|
gpeasy
|
gpeasy_cms
|
Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrat…
|
CWE-352
Origin Validation Error
|
CVE-2010-2039
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345587
|
- |
|
v-eva
|
shopzilla_affiliate_script_php
|
Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2040
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345588
|
- |
|
magnoware
|
datatrack_system
|
Cross-site scripting (XSS) vulnerability in Home.aspx in DataTrack System 3.5 and 3.5.8019.4 allows remote attackers to inject arbitrary web script or HTML via the Work_Order_Summary parameter (aka t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2043
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345589
|
- |
|
adhie_utomo
|
com_konsultasi
|
SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.…
|
CWE-89
SQL Injection
|
CVE-2010-2044
|
2017-08-17 10:32 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345590
|
- |
|
dionesoft
|
com_dioneformwizard
|
Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequ…
|
CWE-22
Path Traversal
|
CVE-2010-2045
|
2017-08-17 10:32 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
