|
347221
|
- |
|
mybboard
|
mybb
|
Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBulletinBoard) 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a donate action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4813
|
2010-04-28 00:30 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347222
|
- |
|
reyero
|
i18n
|
Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks pr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1530
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347223
|
- |
|
givesight
|
com_powermail
|
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact…
|
CWE-22
Path Traversal
|
CVE-2010-1532
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347224
|
- |
|
dragonfrugal
|
dfd_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1541
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347225
|
- |
|
acme
rca
|
micro_httpd
digital_cable_modem
|
micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80.
|
CWE-20
Improper Input Validation
|
CVE-2010-1544
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347226
|
- |
|
samhain_labs
|
samhain
|
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication …
|
CWE-20
Improper Input Validation
|
CVE-2009-4810
|
2010-04-27 01:17 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347227
|
- |
|
palosanto
|
elastix
|
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this in…
|
CWE-22
Path Traversal
|
CVE-2010-1492
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347228
|
- |
|
joachim_ruhs
|
flat_manager
|
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4802
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347229
|
- |
|
phpmyfaq
|
phpmyfaq
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action,…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4780
|
2010-04-24 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347230
|
- |
|
ijoomla
|
com_news_portal
|
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramet…
|
CWE-22
Path Traversal
|
CVE-2010-1312
|
2010-04-22 14:42 |
2010-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
