|
303491
|
- |
|
google
|
chrome
|
Google Chrome before 6.0.472.53 does not properly handle the _blank value for the target attribute of unspecified elements, which allows remote attackers to bypass the pop-up blocker via unknown vect…
|
NVD-CWE-noinfo
|
CVE-2010-3246
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303492
|
- |
|
blackboard
|
transact_suite
|
The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batc…
|
CWE-200
Information Exposure
|
CVE-2010-3245
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303493
|
- |
|
blackboard
|
transact_suite
|
BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml f…
|
CWE-200
Information Exposure
|
CVE-2010-3244
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303494
|
- |
|
microsoft
|
outlook_web_access
|
Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote attackers to hijack the authentication of e-mail users for requests that pe…
|
CWE-352
Origin Validation Error
|
CVE-2010-3213
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303495
|
- |
|
seagullproject.org
|
seagull
|
SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with…
|
CWE-89
SQL Injection
|
CVE-2010-3212
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303496
|
- |
|
jextn
|
com_jefaqpro
|
Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with …
|
CWE-89
SQL Injection
|
CVE-2010-3211
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303497
|
- |
|
martin_lee
|
multi-lingual_e-commerce_system
|
Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E-Commerce System 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) checkout2…
|
CWE-94
Code Injection
|
CVE-2010-3210
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303498
|
- |
|
seagullproject.org
|
seagull
|
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTM…
|
CWE-94
Code Injection
|
CVE-2010-3209
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303499
|
- |
|
wiccle
|
wiccle_web_builder
|
Cross-site scripting (XSS) vulnerability in ajax.php in Wiccle Web Builder (WWB) 1.00 and 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the post_text parameter in a site cu…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3208
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303500
|
- |
|
galeriashqip
|
galeriashqip
|
SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the album_id parameter. NOTE: some of t…
|
CWE-89
SQL Injection
|
CVE-2010-3207
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
