|
301291
|
- |
|
nicholas_thompson
|
relevant_content
|
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and re…
|
CWE-20
Improper Input Validation
|
CVE-2010-4775
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301292
|
- |
|
auracms
|
auracms
|
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
|
CWE-89
SQL Injection
|
CVE-2010-4774
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301293
|
- |
|
hitachi
|
eur_form_client
eur_form_service
ucosminexus_eur_form_service
|
Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service …
|
NVD-CWE-noinfo
|
CVE-2010-4773
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301294
|
- |
|
matteoiammarrone
|
s-cms
|
Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter to viewforum.php.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4772
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301295
|
- |
|
matteoiammarrone
|
s-cms
|
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4771
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301296
|
- |
|
commodityrentals
|
dvd_rentals_script
|
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
|
CWE-89
SQL Injection
|
CVE-2010-4770
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301297
|
- |
|
janguo
|
com_jimtawl
|
Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2010-4769
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301298
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 2.3.5 does not properly disable hidden permissions, which allows remote authenticated users to bypass intended queue access restrictions in opportunistic circ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4768
|
2024-11-21 10:21 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301299
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 2.3.6 does not properly handle e-mail messages in which the From line contains UTF-8 characters associated with diacritical marks and an invalid charset, whic…
|
CWE-20
Improper Input Validation
|
CVE-2010-4767
|
2024-11-21 10:21 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301300
|
- |
|
otrs
|
otrs
|
The AgentTicketForward feature in Open Ticket Request System (OTRS) before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially …
|
CWE-20
Improper Input Validation
|
CVE-2010-4766
|
2024-11-21 10:21 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
