|
300101
|
- |
|
atcom
|
netvolution
|
SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4967
|
2024-11-21 10:22 |
2011-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300102
|
- |
|
atcom
|
netvolution
|
Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4966
|
2024-11-21 10:22 |
2011-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300103
|
- |
|
dlink
|
dcs-2121_firmware
dcs-2121
|
/etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by…
|
CWE-255
Credentials Management
|
CVE-2010-4965
|
2024-11-21 10:22 |
2011-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300104
|
- |
|
dlink
|
dcs-2121_firmware
dcs-2121
|
recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execute arbitrary commands via shell metacharacters in the Password field, related to a "semicolon inject…
|
CWE-94
Code Injection
|
CVE-2010-4964
|
2024-11-21 10:22 |
2011-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300105
|
- |
|
hulihanapplications
|
hulihan_bxr
|
SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4963
|
2024-11-21 10:22 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300106
|
- |
|
dev-team_typoheads
|
webkitpdf
|
Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4962
|
2024-11-21 10:22 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300107
|
- |
|
dev-team_typoheads
|
webkitpdf
|
SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-4961
|
2024-11-21 10:22 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300108
|
- |
|
martin_hesse
|
mh_branchenbuch
|
Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka Yellow Pages or mh_branchenbuch) extension before 0.9.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4960
|
2024-11-21 10:22 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300109
|
- |
|
preproject
|
pre_podcast_portal
|
SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4959
|
2024-11-21 10:22 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300110
|
- |
|
pradoportal
|
prado_portal
|
SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4958
|
2024-11-21 10:22 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
