|
347481
|
- |
|
datalifecms
|
datalife_engine
|
Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the selected_language parameter to engine/inc/inc…
|
CWE-94
Code Injection
|
CVE-2010-2005
|
2017-08-17 10:32 |
2010-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347482
|
- |
|
chaos_tool_suite_project
|
ctools
|
Multiple cross-site scripting (XSS) vulnerabilities in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via a node …
|
CWE-79
Cross-site Scripting
|
CVE-2010-2010
|
2017-08-17 10:32 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347483
|
- |
|
imagetraders
|
iceberg_cms
|
SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitrary SQL commands via the p_id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2016
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347484
|
- |
|
bukulokomedia
|
lokomedia_cms
|
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2010-2018
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347485
|
- |
|
mgenti
|
tftputil_gui
|
Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2028
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347486
|
- |
|
cybozu
|
cybozu_office
cybozu_dotsales
|
Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the uni…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2029
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347487
|
- |
|
alan_palazzolo
|
external_link_page
|
Cross-site scripting (XSS) vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2030
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347488
|
- |
|
kingsoft
|
webshield
|
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVS…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2031
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347489
|
- |
|
gpeasy
|
gpeasy_cms
|
Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrat…
|
CWE-352
Origin Validation Error
|
CVE-2010-2039
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347490
|
- |
|
v-eva
|
shopzilla_affiliate_script_php
|
Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2040
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
