|
300311
|
- |
|
enanocms
|
enano_cms
|
index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals…
|
CWE-200
Information Exposure
|
CVE-2010-4781
|
2024-11-21 10:21 |
2011-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300312
|
- |
|
enanocms
|
enano_cms
|
SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote atta…
|
CWE-89
SQL Injection
|
CVE-2010-4780
|
2024-11-21 10:21 |
2011-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300313
|
- |
|
bravenewcode
|
wptouch
|
Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wp…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4779
|
2024-11-21 10:21 |
2011-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300314
|
- |
|
horde
|
imp
groupware
|
Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4778
|
2024-11-21 10:21 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300315
|
- |
|
realnetworks
|
helix_server
helix_mobile_server
|
Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4596
|
2024-11-21 10:21 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300316
|
- |
|
preprojects
|
pre_online_tests_generator
|
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4776
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300317
|
- |
|
nicholas_thompson
|
relevant_content
|
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and re…
|
CWE-20
Improper Input Validation
|
CVE-2010-4775
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300318
|
- |
|
auracms
|
auracms
|
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
|
CWE-89
SQL Injection
|
CVE-2010-4774
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300319
|
- |
|
hitachi
|
eur_form_client
eur_form_service
ucosminexus_eur_form_service
|
Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service …
|
NVD-CWE-noinfo
|
CVE-2010-4773
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300320
|
- |
|
matteoiammarrone
|
s-cms
|
Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter to viewforum.php.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4772
|
2024-11-21 10:21 |
2011-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
