|
345491
|
- |
|
rising-global
|
rising_antivirus
|
Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL…
|
CWE-20
Improper Input Validation
|
CVE-2010-1591
|
2017-08-17 10:32 |
2010-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345492
|
- |
|
ocsinventory-ng
|
ocs_inventory_ng
|
Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via (1) the query string, (2) the …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1594
|
2017-08-17 10:32 |
2010-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345493
|
- |
|
ocsinventory-ng
|
ocs_inventory_ng
|
Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis paramete…
|
CWE-89
SQL Injection
|
CVE-2010-1595
|
2017-08-17 10:32 |
2010-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345494
|
- |
|
sitracker
|
support_incident_tracker
|
Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
|
CWE-287
Improper Authentication
|
CVE-2010-1596
|
2017-08-17 10:32 |
2010-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345495
|
- |
|
zipgenius
|
zipgenius
|
Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing an entry with a long filename.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1597
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345496
|
- |
|
silisoftware
|
phpthumb\(\)
|
phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote attackers to execute arbitrary commands via the fltr[] parameter, as discovered in the wild …
|
CWE-20
Improper Input Validation
|
CVE-2010-1598
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345497
|
- |
|
nkinfoweb
|
nkinfoweb
|
SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to execute arbitrary SQL commands via the id_sp parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1599
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345498
|
- |
|
thefactory
|
com_mediamall
|
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2010-1600
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345499
|
- |
|
joomlamart
|
com_jacomment
|
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
CWE-22
Path Traversal
|
CVE-2010-1601
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345500
|
- |
|
ncrypted
|
nct_jobs_portal_script
|
Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) user parameter (aka login field) and (2) passw…
|
CWE-89
SQL Injection
|
CVE-2010-1604
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
