|
299201
|
- |
|
ibm
|
tivoli_access_manager_for_e-business
|
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (e…
|
CWE-22
Path Traversal
|
CVE-2010-4622
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299202
|
- |
|
clear
|
ispot_firmware
ispot
clearspot_firmware
clearspot
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the ClearSpot 2.0.0.0 R1512 and R1786, with firmware 1.9.9.4 allow remote attackers to hijack the authentica…
|
CWE-352
Origin Validation Error
|
CVE-2010-4507
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299203
|
- |
|
webscripti
|
mafya_oyun_scrpti
|
SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka Mafia Game Script) allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4619
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299204
|
- |
|
algisinfo
|
aicontactsafe
|
Cross-site scripting (XSS) vulnerability in the Algis Info aiContactSafe component before 2.0.14 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4618
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299205
|
- |
|
kanich
|
com_jotloader
|
Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section paramet…
|
CWE-22
Path Traversal
|
CVE-2010-4617
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299206
|
- |
|
impresscms
|
impresscms
|
Cross-site scripting (XSS) vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4616
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299207
|
- |
|
iskenderaltuntas
|
oto_galeri_sistemi
|
Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) arac parameter to carsdetail.asp and the (2) marka parameter to t…
|
CWE-89
SQL Injection
|
CVE-2010-4615
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299208
|
- |
|
mhproducts
|
ero_auktion
|
SQL injection vulnerability in item.php in Ero Auktion 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-0723.
|
CWE-89
SQL Injection
|
CVE-2010-4614
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299209
|
- |
|
hycus
|
hycus_cms
|
Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) a…
|
CWE-22
Path Traversal
|
CVE-2010-4613
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299210
|
- |
|
hycus
|
hycus_cms
|
Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) usr_e…
|
CWE-89
SQL Injection
|
CVE-2010-4612
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
