|
305181
|
- |
|
openwebanalytics
|
open_web_analytics
|
Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the (1) owa_actio…
|
CWE-22
Path Traversal
|
CVE-2010-2676
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305182
|
- |
|
alanzard
|
tsoka\
|
Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an articolo action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2675
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305183
|
- |
|
alanzard
|
tsoka\
|
SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an articolo action.
|
CWE-89
SQL Injection
|
CVE-2010-2674
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305184
|
- |
|
devana
|
devana
|
SQL injection vulnerability in profile_view.php in Devana 1.6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2673
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305185
|
- |
|
ez
|
ez_publish
|
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the searc…
|
CWE-89
SQL Injection
|
CVE-2010-2672
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305186
|
- |
|
ez
|
ez_publish
|
Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ Publish 3.7.0 through 4.2.0 allows remote attackers to inject arbitrary web script or HTML via the subTreeItem parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2671
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305187
|
- |
|
brotherscripts
|
recipe_website
|
SQL injection vulnerability in recipedetail.php in BrotherScripts Recipe Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2670
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305188
|
- |
|
novo-ws
|
orbis_cms
|
Cross-site scripting (XSS) vulnerability in admin/editors/text/editor-body.php in Orbis CMS 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2669
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305189
|
- |
|
adaptivedisplays
|
alpha_ethernet_adapter_ii_web_manager
alpha_ethernet_adapter_ii
|
Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet Adapter II Web-Manager 3.40.2 allows remote attackers to bypass authentication and read or write configuration files via unknown vec…
|
CWE-287
NVD-CWE-noinfo
Improper Authentication
|
CVE-2010-2668
|
2024-11-21 10:17 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305190
|
- |
|
opera
|
opera_browser
|
Opera before 10.54 on Windows and Mac OS X does not properly enforce permission requirements for widget filesystem access and directory selection, which allows user-assisted remote attackers to creat…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2666
|
2024-11-21 10:17 |
2010-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
