|
302911
|
- |
|
tycoon
|
baseball_script
|
SQL injection vulnerability in index.php in Tycoon Baseball Script 1.0.9 allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a game_player action.
|
CWE-89
SQL Injection
|
CVE-2010-3027
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302912
|
- |
|
tomaz-muraus
|
open_blog
|
Cross-site request forgery (CSRF) vulnerability in application/modules/admin/controllers/users.php in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authent…
|
CWE-352
Origin Validation Error
|
CVE-2010-3026
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302913
|
- |
|
tomaz-muraus
|
open_blog
|
Multiple cross-site scripting (XSS) vulnerabilities in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) excerpt parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3025
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302914
|
- |
|
hulihanapplications
|
diamondlist
|
Multiple cross-site request forgery (CSRF) vulnerabilities in user/main/update_user in DiamondList 0.1.6, and possibly earlier, allow remote attackers to hijack the authentication of administrators f…
|
CWE-352
Origin Validation Error
|
CVE-2010-3024
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302915
|
- |
|
hulihanapplications
|
diamondlist
|
Multiple cross-site scripting (XSS) vulnerabilities in DiamondList 0.1.6, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) category[description] paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3023
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302916
|
- |
|
drupal
|
devel_module
|
Cross-site scripting (XSS) vulnerability in the Performance logging module in the Devel module 5.x before 5.x-1.3 and 6.x before 6.x-1.21 for Drupal allows remote authenticated users, with add url al…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3022
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302917
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image.
|
CWE-399
Resource Management Errors
|
CVE-2010-3021
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302918
|
- |
|
opera
|
opera_browser
|
The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows remote attackers to force subscriptions to arbitrary feeds via crafted content.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3020
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302919
|
- |
|
opera
|
opera_browser
|
Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas paintin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3019
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302920
|
- |
|
cisco
|
ios
|
Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD…
|
CWE-20
Improper Input Validation
|
CVE-2010-2827
|
2024-11-21 10:17 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
