|
302831
|
- |
|
apphp
|
php_microcms
|
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and …
|
CWE-89
SQL Injection
|
CVE-2010-3481
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302832
|
- |
|
apphp
|
php_microcms
|
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) …
|
CWE-22
Path Traversal
|
CVE-2010-3480
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302833
|
- |
|
boutikone
|
boutikone
|
SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
CWE-89
SQL Injection
|
CVE-2010-3479
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302834
|
- |
|
microsoft
|
.net_framework
|
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2010-3332
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302835
|
- |
|
egroupware
|
egroupware
|
Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309;…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3314
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302836
|
- |
|
egroupware
|
egroupware
|
phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 befor…
|
CWE-94
Code Injection
|
CVE-2010-3313
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302837
|
- |
|
linux
suse
canonical
|
linux_kernel
linux_enterprise_real_time_extension
ubuntu_linux
|
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit ent…
|
CWE-269
Improper Privilege Management
|
CVE-2010-3301
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302838
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certa…
|
CWE-399
Resource Management Errors
|
CVE-2010-3477
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302839
|
- |
|
drupal
|
drupal
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action descrip…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3094
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302840
|
- |
|
drupal
|
drupal
|
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3093
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
