|
347661
|
- |
|
visialis
|
abb_forum
|
Visialis ABB Forum 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for fpdb/abb.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0939
|
2017-08-17 10:32 |
2010-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347662
|
- |
|
sanusart
|
simple_php_guestbook
|
Cross-site scripting (XSS) vulnerability in guestbook.php in Simple PHP Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0940
|
2017-08-17 10:32 |
2010-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347663
|
- |
|
web-site-development
|
etek_systems_hit_counter
|
Multiple cross-site scripting (XSS) vulnerabilities in eTek Systems Hit Counter 2.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) inc/login.php…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0941
|
2017-08-17 10:32 |
2010-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347664
|
- |
|
jvideodirect
|
com_jvideodirect
|
Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.…
|
CWE-22
Path Traversal
|
CVE-2010-0942
|
2017-08-17 10:32 |
2010-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347665
|
- |
|
joomlart
|
com_jashowcase
|
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowc…
|
CWE-22
Path Traversal
|
CVE-2010-0943
|
2017-08-17 10:32 |
2010-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347666
|
- |
|
thorsten_riess
|
com_jcollection
|
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.ph…
|
CWE-22
Path Traversal
|
CVE-2010-0944
|
2017-08-17 10:32 |
2010-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347667
|
- |
|
hotbrackets
|
com_hotbrackets
|
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2010-0945
|
2017-08-17 10:32 |
2010-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347668
|
- |
|
bfs.kilu
|
bigforum
|
SQL injection vulnerability in profil.php in Bigforum 4.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0948
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347669
|
- |
|
dev4u
|
dev4u_cms
|
SQL injection vulnerability in go_target.php in dev4u CMS allows remote attackers to execute arbitrary SQL commands via the kontent_id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0951
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347670
|
- |
|
insanevisions
|
onecms
|
SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an elite action.
|
CWE-89
SQL Injection
|
CVE-2010-0952
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
