|
299191
|
- |
|
pilotcart
|
pilot_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) countrycode parameter to contact.asp, USERNAME …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4631
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299192
|
- |
|
fubra
|
wp-survey-and-quiz-tool
|
Cross-site scripting (XSS) vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz Tool plugin 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4630
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299193
|
- |
|
mybb
|
mybb
|
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly restrict uid values for group join requests, which allows remote attackers to cause a denial of service (resource consumption) by using gues…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4629
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299194
|
- |
|
mybb
|
mybb
|
member.php in MyBB (aka MyBulletinBoard) before 1.4.12 makes a certain superfluous call to the SQL COUNT function, which allows remote attackers to cause a denial of service (resource consumption) by…
|
NVD-CWE-Other
|
CVE-2010-4628
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299195
|
- |
|
mybb
|
mybb
|
Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard) before 1.4.12 allows remote attackers to hijack the authentication of unspecified victims via unknown vect…
|
CWE-352
Origin Validation Error
|
CVE-2010-4627
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299196
|
- |
|
mybb
|
mybb
|
The my_rand function in functions.php in MyBB (aka MyBulletinBoard) before 1.4.12 does not properly use the PHP mt_rand function, which makes it easier for remote attackers to obtain access to an arb…
|
CWE-310
Cryptographic Issues
|
CVE-2010-4626
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299197
|
- |
|
mybb
|
mybb
|
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by r…
|
CWE-200
Information Exposure
|
CVE-2010-4625
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299198
|
- |
|
mybb
|
mybb
|
MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated users to bypass intended restrictions on the number of [img] MyCodes by editing a post after it has been created.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4624
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299199
|
- |
|
mybb
|
mybb
|
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arbitrary web script or HTML via vectors related to …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4522
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299200
|
- |
|
ibm
|
tivoli_access_manager_for_e-business
|
WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actio…
|
CWE-399
Resource Management Errors
|
CVE-2010-4623
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
