|
300221
|
- |
|
xondie
|
vodpod_video_gallery
|
Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vodpod Video Gallery Plugin 3.1.5 for WordPress allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4875
|
2024-11-21 10:21 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300222
|
- |
|
ninkobb
|
ninkobb
|
Multiple cross-site scripting (XSS) vulnerabilities in users.php in NinkoBB 1.3 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) msn, or (4…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4874
|
2024-11-21 10:21 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300223
|
- |
|
webidsupport
|
webid
|
Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 P1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4873
|
2024-11-21 10:21 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300224
|
- |
|
pilotcart
|
pilot_cart
|
SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4872
|
2024-11-21 10:21 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300225
|
- |
|
smartftp
|
smartftp
|
Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows attackers to have an unknown impact via a long filename.
|
NVD-CWE-noinfo
|
CVE-2010-4871
|
2024-11-21 10:21 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300226
|
- |
|
bloofox
|
bloofoxcms
|
SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4870
|
2024-11-21 10:21 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300227
|
- |
|
drbenhur
|
dbhcms
|
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4869
|
2024-11-21 10:21 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300228
|
- |
|
w-agora
|
w-agora
|
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4868
|
2024-11-21 10:21 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300229
|
- |
|
w-agora
|
w-agora
|
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bn parame…
|
CWE-22
Path Traversal
|
CVE-2010-4867
|
2024-11-21 10:21 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300230
|
- |
|
chipmunk-scripts
|
chipmunk_board
|
SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4866
|
2024-11-21 10:21 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
