|
303041
|
- |
|
schlu.net
|
com_quickfaq
|
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index…
|
CWE-89
SQL Injection
|
CVE-2010-2845
|
2024-11-21 10:17 |
2010-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303042
|
- |
|
newanz
|
newsoffice
|
Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote attackers to inject arbitrary web script or HTML via the n-cat parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2844
|
2024-11-21 10:17 |
2010-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303043
|
7.8 |
HIGH
Local
|
siemens
|
simatic_wincc
simatic_pcs_7
|
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the St…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2010-2772
|
2024-11-21 10:17 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303044
|
- |
|
ibm
|
soliddb
|
solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.
|
CWE-94
Code Injection
|
CVE-2010-2771
|
2024-11-21 10:17 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303045
|
- |
|
vmware
|
studio
|
Multiple unspecified vulnerabilities in the Virtual Appliance Management Infrastructure (VAMI) in VMware Studio 2.0 allow remote authenticated users to execute arbitrary commands via vectors involvin…
|
NVD-CWE-noinfo
|
CVE-2010-2667
|
2024-11-21 10:17 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303046
|
- |
|
freebsd
|
freebsd
|
FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2693
|
2024-11-21 10:17 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303047
|
- |
|
wimleers
|
hierarchical_select
|
Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2724
|
2024-11-21 10:17 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303048
|
- |
|
lsoft
|
listserv
|
Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows remote attackers to inject arbitrary web script or HTML via the T parameter. NOTE: the provenance of this information is unknown…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2723
|
2024-11-21 10:17 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303049
|
- |
|
rightinpoint
|
lyrics_engine
|
Cross-site scripting (XSS) vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to inject arbitrary web script or HTML via the artist_id parameter, which is not proper…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2722
|
2024-11-21 10:17 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303050
|
- |
|
rightinpoint
|
lyrics_engine
|
SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action.
|
CWE-89
SQL Injection
|
CVE-2010-2721
|
2024-11-21 10:17 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
