|
303561
|
- |
|
ezpx
|
ezpx_photoblog
|
PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in EZPX Photoblog 1.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the tpl_base_d…
|
CWE-94
Code Injection
|
CVE-2010-2341
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303562
|
- |
|
arabportal
|
arab_portal
|
SQL injection vulnerability in members.php in Arab Portal 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the by parameter in the msearch action.
|
CWE-89
SQL Injection
|
CVE-2010-2340
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303563
|
- |
|
subdreamer
|
subdreamer
|
SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to execute arbitrary SQL commands via the categoryids[] parameter in an update_pages action.
|
CWE-89
SQL Injection
|
CVE-2010-2339
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303564
|
- |
|
vunet
|
vu_web_visitor_analyst
|
Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. NOTE: some of t…
|
CWE-89
SQL Injection
|
CVE-2010-2338
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303565
|
- |
|
yamamah
|
yamamah
|
index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executable files within the web document root via the download parameter.
|
CWE-200
Information Exposure
|
CVE-2010-2336
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303566
|
- |
|
yamamah
|
yamamah
|
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2335
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303567
|
- |
|
yamamah
|
yamamah
|
Directory traversal vulnerability in themes/default/download.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to read arbitrary files via a .. (dot dot) in t…
|
CWE-22
Path Traversal
|
CVE-2010-2334
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303568
|
- |
|
litespeedtech
|
litespeed_web_server
|
LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
|
CWE-200
Information Exposure
|
CVE-2010-2333
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303569
|
- |
|
impactfinancials
|
impact_pdf_reader
|
Impact Financials, Inc. Impact PDF Reader 2.0, 1.2, and other versions for iPhone and iPod touch allows remote attackers to cause a denial of service (server crash) via a "..." body in a POST request.
|
CWE-20
Improper Input Validation
|
CVE-2010-2332
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303570
|
- |
|
upredsun
|
isharer_file_sharing_wizard
|
Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute arbitrary code via a long HEAD request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2331
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
