|
299161
|
- |
|
mojolicious
|
mojolicious
|
Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-4803
|
2024-11-21 10:21 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299162
|
- |
|
mojolicious
|
mojolicious
|
Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-4802
|
2024-11-21 10:21 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299163
|
- |
|
baconmap
|
baconmap
|
Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filepath parameter.
|
CWE-22
Path Traversal
|
CVE-2010-4801
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299164
|
- |
|
baconmap
|
baconmap
|
SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4800
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299165
|
- |
|
chipmunk-scripts
|
pwngame
|
Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password param…
|
CWE-89
SQL Injection
|
CVE-2010-4799
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299166
|
- |
|
orangehrm
|
orangehrm
|
Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter.
|
CWE-22
Path Traversal
|
CVE-2010-4798
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299167
|
- |
|
truworthit
|
flex_timesheet
|
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
|
CWE-89
SQL Injection
|
CVE-2010-4797
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299168
|
- |
|
phpyun
|
phpyun
|
Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) provinceid parameter to search.php and the (2) e parameter to resumeview.ph…
|
CWE-89
SQL Injection
|
CVE-2010-4796
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299169
|
- |
|
joomlaseller
|
com_jscalendar
|
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ev_id parameter in a details ac…
|
CWE-89
SQL Injection
|
CVE-2010-4795
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299170
|
- |
|
joomlaseller
|
com_jscalendar
|
Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSeller JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4794
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
