|
347121
|
- |
|
mhd_zaher_ghaibeh
|
arab_cart
|
SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0724
|
2010-04-15 14:41 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347122
|
- |
|
mhd_zaher_ghaibeh
|
arab_cart
|
Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0725
|
2010-04-15 14:41 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347123
|
- |
|
preprojects
|
pre_classified_listings_asp
|
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1371
|
2010-04-15 06:03 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347124
|
- |
|
preprojects
|
pre_classified_listings_asp
|
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1369
|
2010-04-15 05:58 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347125
|
- |
|
uiga
|
fan_club
|
Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password…
|
CWE-89
SQL Injection
|
CVE-2010-1366
|
2010-04-15 05:49 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347126
|
- |
|
uiga
|
personal_portal
|
SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2010-1364
|
2010-04-15 04:37 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347127
|
- |
|
ben_jeavons
|
ownterm
|
Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1362
|
2010-04-14 22:59 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347128
|
- |
|
yasirpro
|
ms-pro_portal_scripti
|
YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4766
|
2010-04-14 21:44 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347129
|
- |
|
ron_jerome
|
bibliography
|
Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privil…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1358
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347130
|
- |
|
uiga
|
fan_club
|
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
|
CWE-89
SQL Injection
|
CVE-2010-1365
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
