|
305491
|
- |
|
2daybiz
|
video_community_portal_script
|
SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2459
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305492
|
- |
|
2daybiz
|
video_community_portal_script
|
Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2458
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305493
|
- |
|
qsoft-inc
|
k-search
|
Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote attackers to inject arbitrary web script or HTML via the term parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2457
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305494
|
- |
|
codelib
|
linker_img
|
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter…
|
CWE-22
Path Traversal
|
CVE-2010-2456
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305495
|
- |
|
opera
|
opera_browser
|
Opera does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2455
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305496
|
- |
|
apple
|
safari
|
Apple Safari does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2454
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305497
|
- |
|
maradns
|
maradns
|
parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hostnames that do not end in a "." (dot) character, which allows remote attackers to cause a denial of…
|
NVD-CWE-Other
|
CVE-2010-2444
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305498
|
- |
|
ponsoftware
|
explzh
|
Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explzh 5.62 and earlier allows remote attackers to execute arbitrary code via an LZH LHA file with a crafted header that is not proper…
|
CWE-120
Classic Buffer Overflow
|
CVE-2010-2434
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305499
|
- |
|
libtiff
|
libtiff
|
The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with u…
|
NVD-CWE-Other
|
CVE-2010-2443
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305500
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2442
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
