|
345411
|
- |
|
mm_forum
|
mmforum
|
Cross-site scripting (XSS) vulnerability in the mm_forum extension 1.8.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1218
|
2017-08-17 10:32 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345412
|
- |
|
com_janews
|
com_janews
|
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.p…
|
CWE-22
Path Traversal
|
CVE-2010-1219
|
2017-08-17 10:32 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345413
|
- |
|
apache
|
activemq
|
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2010-1244
|
2017-08-17 10:32 |
2010-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345414
|
- |
|
kjetiltroan
|
webmaid_cms
|
Multiple PHP remote file inclusion vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) template, (2) menu, (3) events, and …
|
CWE-94
Code Injection
|
CVE-2010-1266
|
2017-08-17 10:32 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345415
|
- |
|
fh54
|
justvisual
|
Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal seque…
|
CWE-22
Path Traversal
|
CVE-2010-1268
|
2017-08-17 10:32 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345416
|
- |
|
phpscripte24
|
niedrig_gebote_pro_auktions_system_ii
|
SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1269
|
2017-08-17 10:32 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345417
|
- |
|
phpscripte24
|
multi_suktions_komplett_system
|
SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1270
|
2017-08-17 10:32 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345418
|
- |
|
smart-plugs
|
smartplugs
|
SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1271
|
2017-08-17 10:32 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345419
|
- |
|
komputer.boo
|
gnat-tgp
|
PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
|
CWE-94
Code Injection
|
CVE-2010-1272
|
2017-08-17 10:32 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345420
|
- |
|
webtoolkit
|
wt
|
Cross-site scripting (XSS) vulnerability in Emweb Wt before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to "insertions of the URL" that occur during a red…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1274
|
2017-08-17 10:32 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
