|
345511
|
- |
|
silisoftware
|
phpthumb\(\)
|
phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote attackers to execute arbitrary commands via the fltr[] parameter, as discovered in the wild …
|
CWE-20
Improper Input Validation
|
CVE-2010-1598
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345512
|
- |
|
nkinfoweb
|
nkinfoweb
|
SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to execute arbitrary SQL commands via the id_sp parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1599
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345513
|
- |
|
thefactory
|
com_mediamall
|
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2010-1600
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345514
|
- |
|
joomlamart
|
com_jacomment
|
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
CWE-22
Path Traversal
|
CVE-2010-1601
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345515
|
- |
|
ncrypted
|
nct_jobs_portal_script
|
Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) user parameter (aka login field) and (2) passw…
|
CWE-89
SQL Injection
|
CVE-2010-1604
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345516
|
- |
|
ncrypted
|
nct_jobs_portal_script
|
Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) anyword and (2) cityname parameters. NOTE: the pr…
|
CWE-89
SQL Injection
|
CVE-2010-1605
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345517
|
- |
|
ncrypted
|
nct_jobs_portal_script
|
Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal Script allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) Keywords, (3) Tags, or (4) Desired …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1606
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345518
|
- |
|
paysyspro
|
com_wmi
|
Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local fil…
|
CWE-22
Path Traversal
|
CVE-2010-1607
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345519
|
- |
|
alegrocart
|
alegrocart
|
Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to hijack the authentication of the administrator for requests that reset the administrator password via a PO…
|
CWE-352
Origin Validation Error
|
CVE-2010-1611
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345520
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option (aka debugging mode) is enabled, executes debugging statements t…
|
CWE-310
Cryptographic Issues
|
CVE-2010-1650
|
2017-08-17 10:32 |
2010-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
