|
355371
|
- |
|
aspcodecms
|
aspcode_cms
|
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when …
|
CWE-89
SQL Injection
|
CVE-2010-0710
|
2010-02-26 14:00 |
2010-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355372
|
- |
|
videosearchscript
|
videosearchscript_pro
|
Cross-site scripting (XSS) vulnerability in index.php in VideoSearchScript Pro 3.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0699
|
2010-02-24 14:00 |
2010-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355373
|
- |
|
zeuscms
|
zeuscms
|
Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
|
CWE-22
Path Traversal
|
CVE-2010-0680
|
2010-02-24 02:14 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355374
|
- |
|
zeuscms
|
zeuscms
|
ZeusCMS 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for admin/backup.sql.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0681
|
2010-02-24 02:14 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355375
|
- |
|
weberr
|
com_rwcards
|
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter.
|
CWE-22
Path Traversal
|
CVE-2010-0676
|
2010-02-24 01:18 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355376
|
- |
|
copperleaf
|
photolog
|
SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parame…
|
CWE-89
SQL Injection
|
CVE-2010-0673
|
2010-02-23 14:00 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355377
|
- |
|
bgsvetionik
|
bgs_cms
|
Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik BGS CMS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action. NOTE: s…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0675
|
2010-02-23 14:00 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355378
|
- |
|
katalog.hurricane
|
katalog_stron_hurricane
|
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0677
|
2010-02-23 14:00 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355379
|
- |
|
katalog.hurricane
|
katalog_stron_hurricane
|
PHP remote file inclusion vulnerability in includes/moderation.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, when register_globals is enabled, allows remote attackers to execute arbitra…
|
CWE-94
Code Injection
|
CVE-2010-0678
|
2010-02-23 14:00 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355380
|
- |
|
hyleos
|
chemview
|
Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control (HyleosChemView.ocx) in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large num…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0679
|
2010-02-23 14:00 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
