|
355271
|
- |
|
phpkobo
|
address_book_script
|
Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local fi…
|
CWE-22
Path Traversal
|
CVE-2010-1059
|
2010-03-24 13:00 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355272
|
- |
|
phpkobo
|
short_url
|
Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a …
|
CWE-22
Path Traversal
|
CVE-2010-1060
|
2010-03-24 13:00 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355273
|
- |
|
phpkobo
|
free_real_estate_contact_form_script
|
Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via …
|
CWE-22
Path Traversal
|
CVE-2010-1063
|
2010-03-24 13:00 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355274
|
- |
|
entrylevelcms
|
el_cms
|
SQL injection vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to execute arbitrary SQL commands via the subj parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1075
|
2010-03-24 13:00 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355275
|
- |
|
ryan_marshall
|
rostermain
|
Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.
|
CWE-89
SQL Injection
|
CVE-2010-1046
|
2010-03-23 22:53 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355276
|
- |
|
jaxcms
|
jaxcms
|
Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter.
|
CWE-22
Path Traversal
|
CVE-2010-1043
|
2010-03-23 13:00 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355277
|
- |
|
design-cars
|
com_productbook
|
SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index…
|
CWE-89
SQL Injection
|
CVE-2010-1045
|
2010-03-23 13:00 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355278
|
- |
|
uiga
|
business_portal
|
Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter (aka the Comment Box) i…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1048
|
2010-03-23 13:00 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355279
|
- |
|
alexandre_dubus
|
audistat
|
SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrary SQL commands via the mday parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1050
|
2010-03-23 13:00 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355280
|
- |
|
alexandre_dubus
|
audistat
|
Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) month parameters. NOTE: the provenance of this i…
|
CWE-89
SQL Injection
|
CVE-2010-1051
|
2010-03-23 13:00 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
