|
300941
|
- |
|
hp
|
insight_control_performance_management
|
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4030
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300942
|
- |
|
freshwebmaster
|
fresh_ftp
|
Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE…
|
CWE-22
Path Traversal
|
CVE-2010-4149
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300943
|
- |
|
anyconnect
|
anyconnect
|
Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
|
CWE-22
Path Traversal
|
CVE-2010-4148
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300944
|
- |
|
avactis
|
avactis_shopping_cart
|
Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header …
|
CWE-89
SQL Injection
|
CVE-2010-4147
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300945
|
- |
|
attachmate
|
reflection_for_the_web
|
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4146
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300946
|
- |
|
aspindir
|
kisisel_radyo_script
|
Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4145
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300947
|
- |
|
aspindir
|
kisisel_radyo_script
|
SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4144
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300948
|
- |
|
phpcheckz
|
phpcheckz
|
SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4143
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300949
|
- |
|
adobe
|
shockwave_player
|
Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4090
|
2024-11-21 10:20 |
2010-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300950
|
- |
|
adobe
|
shockwave_player
|
IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file containing "duplicated LCSM entries i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4089
|
2024-11-21 10:20 |
2010-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
