|
345471
|
- |
|
uiga
|
proxy
|
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the content paramet…
|
CWE-94
Code Injection
|
CVE-2010-1528
|
2017-08-17 10:32 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345472
|
- |
|
freestyle
|
faqs_lite
|
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq actio…
|
CWE-89
SQL Injection
|
CVE-2010-1529
|
2017-08-17 10:32 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345473
|
- |
|
redcomponent
|
com_redshop
|
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
CWE-22
Path Traversal
|
CVE-2010-1531
|
2017-08-17 10:32 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345474
|
- |
|
joomla.batjo
|
com_shoutbox
|
Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
CWE-22
Path Traversal
|
CVE-2010-1534
|
2017-08-17 10:32 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345475
|
- |
|
francois_bissonnette
|
phpcdb
|
Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_global parameter to (1) first…
|
CWE-22
Path Traversal
|
CVE-2010-1537
|
2017-08-17 10:32 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345476
|
- |
|
bluestrikeweb
|
phpraincheck
|
SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1538
|
2017-08-17 10:32 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345477
|
- |
|
john_vandyk
|
workflow
|
Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x before 5.x-2.6 and 6.x-1.x before 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1539
|
2017-08-17 10:32 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345478
|
- |
|
etracker
|
etracker
|
Cross-site scripting (XSS) vulnerability in the eTracker module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML by appending a crafted string to an arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1543
|
2017-08-17 10:32 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345479
|
- |
|
chaos_tool_suite_project
|
ctools
|
Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with "administer page m…
|
CWE-94
Code Injection
|
CVE-2010-1546
|
2017-08-17 10:32 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345480
|
- |
|
chaos_tool_suite_project
|
ctools
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrat…
|
CWE-352
Origin Validation Error
|
CVE-2010-1547
|
2017-08-17 10:32 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
