|
346441
|
- |
|
xs4all
|
jag
|
JAG (Just Another Guestbook) 1.14 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0665
|
2017-08-17 10:32 |
2010-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346442
|
- |
|
moinmo
|
moinmoin
|
Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser …
|
NVD-CWE-noinfo
|
CVE-2010-0668
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346443
|
- |
|
iptechinside
|
com_jquarks
|
Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors.
|
CWE-200
Information Exposure
|
CVE-2010-0670
|
2017-08-17 10:32 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346444
|
- |
|
webmastersite
|
wsn_guest
|
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0672
|
2017-08-17 10:32 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346445
|
- |
|
2enetworx
|
statcountex
|
StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0674
|
2017-08-17 10:32 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346446
|
- |
|
orbitals
|
orbital_viewer
|
Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0688
|
2017-08-17 10:32 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346447
|
- |
|
commodityrentals
|
video_games_rentals
|
SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action.
|
CWE-89
SQL Injection
|
CVE-2010-0690
|
2017-08-17 10:32 |
2010-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346448
|
- |
|
commodityrentals
|
trade_manager_script
|
SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0693
|
2017-08-17 10:32 |
2010-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346449
|
- |
|
percha
|
com_perchagallery
|
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad …
|
CWE-89
SQL Injection
|
CVE-2010-0694
|
2017-08-17 10:32 |
2010-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346450
|
- |
|
ilya_ivanchenko
|
itweak_upload
|
Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x before 6.x-1.2 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users, with create content and upload fil…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0697
|
2017-08-17 10:32 |
2010-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
