|
305481
|
- |
|
linearcorp
|
emerge_50
emerge_5000
|
The Linear eMerge 50 and 5000 uses a default password of eMerge for the IEIeMerge account, which makes it easier for remote attackers to obtain Video Recorder data by establishing a session to the de…
|
CWE-255
Credentials Management
|
CVE-2010-2469
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305482
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for con…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2468
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305483
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, w…
|
CWE-255
Credentials Management
|
CVE-2010-2467
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305484
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2466
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305485
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2465
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305486
|
- |
|
rsjoomla
|
com_rscomments
|
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) webs…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2464
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305487
|
- |
|
jamroom
|
jamroom
|
Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2463
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305488
|
- |
|
tomacero
|
orohyip
|
SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action.
|
CWE-89
SQL Injection
|
CVE-2010-2462
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305489
|
- |
|
jce-tech
|
overstock_script
|
SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2461
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305490
|
- |
|
jce-tech
|
shareasale_script
|
SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allows remote attackers to execute arbitrary SQL commands via the mechant_id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2460
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
