|
304961
|
- |
|
laubrotel
|
g.cms_generator
|
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
|
CWE-89
SQL Injection
|
CVE-2010-2438
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304962
|
- |
|
anecms
|
anecms_blog
|
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to mo…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2437
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304963
|
- |
|
anecms
|
anecms_blog
|
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
|
CWE-89
SQL Injection
|
CVE-2010-2436
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304964
|
- |
|
salvo_tomaselli
|
weborf_http_server
|
Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers.
|
CWE-20
Improper Input Validation
|
CVE-2010-2435
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304965
|
- |
|
redhat
|
enterprise_virtualization_manager
|
The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) before 2.2 does not properly pass the postzero parameter during operations on deleted volumes, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2224
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304966
|
- |
|
redhat
|
enterprise_virtualization_hypervisor
|
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 does not properly perform VM post-zeroing after the removal of a v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2223
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304967
|
- |
|
php
|
php
|
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized…
|
CWE-399
Resource Management Errors
|
CVE-2010-2225
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304968
|
- |
|
ibm
|
websphere_ilog_jrules
|
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) e…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2433
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304969
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2429
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304970
|
- |
|
wftpserver
|
wing_ftp_server
|
Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2428
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
