|
345251
|
- |
|
kmsoft
|
guestbook
|
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0978
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345252
|
- |
|
mitchell_sleeper
|
l4d_stats
|
SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0980
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345253
|
- |
|
templateplazza
|
com_tpjobs
|
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php.
|
CWE-89
SQL Injection
|
CVE-2010-0981
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345254
|
- |
|
utilo
|
rezervi
|
PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the …
|
CWE-94
Code Injection
|
CVE-2010-0983
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345255
|
- |
|
acidcat
|
acidcat_cms
|
Acidcat CMS 3.5.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0984
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345256
|
- |
|
chris_simon
|
com_abbrev
|
Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the co…
|
CWE-22
Path Traversal
|
CVE-2010-0985
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345257
|
- |
|
chris_wederka
|
tgm_newsletter
|
SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1024
|
2017-08-17 10:32 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345258
|
- |
|
chris_wederka
|
tgm_newsletter
|
Cross-site scripting (XSS) vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1025
|
2017-08-17 10:32 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345259
|
- |
|
mathon_nicolas
|
tmsw_cleandb
|
SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1026
|
2017-08-17 10:32 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345260
|
- |
|
dietmar_schffer
|
travelmate
|
SQL injection vulnerability in the Meet Travelmates (travelmate) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1027
|
2017-08-17 10:32 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
