|
305901
|
- |
|
gecad
|
axigen_mail_server
|
Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL.
|
CWE-22
Path Traversal
|
CVE-2010-3460
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305902
|
- |
|
gecad
|
axigen_mail_server
|
Cross-site scripting (XSS) vulnerability in the Ajax WebMail interface in AXIGEN Mail Server before 7.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3459
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305903
|
- |
|
getsymphony
|
symphony
|
SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-email[recipient] parameter t…
|
CWE-89
SQL Injection
|
CVE-2010-3458
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305904
|
- |
|
getsymphony
|
symphony
|
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) fields[website] parameter in the post com…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3457
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305905
|
- |
|
energyscripts
|
simple_download
|
Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2010-3456
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305906
|
- |
|
atutor
|
achecker
|
Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 allows remote attackers to inject arbitrary web script or HTML via the uri parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3455
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305907
|
- |
|
microsoft
|
sharepoint_services
groove_server
internet_explorer
sharepoint_server
sharepoint_foundation
web_apps
|
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3324
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305908
|
- |
|
intermesh
|
group-office
|
SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a category action.
|
CWE-89
SQL Injection
|
CVE-2010-3428
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305909
|
- |
|
open-classifieds
|
open_classifieds
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Classifieds 1.7.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) desc, (2) price, (3) title, and (4) place par…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3427
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305910
|
- |
|
4you-studio
|
com_jphone
|
Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2010-3426
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
