|
299811
|
- |
|
hp
|
insight_control_performance_management
|
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2010-4032
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299812
|
- |
|
hp
|
insight_control_performance_management
|
Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4031
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299813
|
- |
|
hp
|
insight_control_performance_management
|
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4030
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299814
|
- |
|
freshwebmaster
|
fresh_ftp
|
Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE…
|
CWE-22
Path Traversal
|
CVE-2010-4149
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299815
|
- |
|
anyconnect
|
anyconnect
|
Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
|
CWE-22
Path Traversal
|
CVE-2010-4148
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299816
|
- |
|
avactis
|
avactis_shopping_cart
|
Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header …
|
CWE-89
SQL Injection
|
CVE-2010-4147
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299817
|
- |
|
attachmate
|
reflection_for_the_web
|
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4146
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299818
|
- |
|
aspindir
|
kisisel_radyo_script
|
Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4145
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299819
|
- |
|
aspindir
|
kisisel_radyo_script
|
SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4144
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299820
|
- |
|
phpcheckz
|
phpcheckz
|
SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4143
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
