|
305311
|
- |
|
getsymphony
|
symphony
|
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) fields[website] parameter in the post com…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3457
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305312
|
- |
|
energyscripts
|
simple_download
|
Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2010-3456
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305313
|
- |
|
atutor
|
achecker
|
Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 allows remote attackers to inject arbitrary web script or HTML via the uri parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3455
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305314
|
- |
|
microsoft
|
sharepoint_services
groove_server
internet_explorer
sharepoint_server
sharepoint_foundation
web_apps
|
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3324
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305315
|
- |
|
intermesh
|
group-office
|
SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a category action.
|
CWE-89
SQL Injection
|
CVE-2010-3428
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305316
|
- |
|
open-classifieds
|
open_classifieds
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Classifieds 1.7.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) desc, (2) price, (3) title, and (4) place par…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3427
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305317
|
- |
|
4you-studio
|
com_jphone
|
Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2010-3426
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305318
|
- |
|
smartertools
|
smarterstats
|
Cross-site scripting (XSS) vulnerability in UserControls/Popups/frmHelp.aspx in SmarterStats 5.3, 5.3.3819, and possibly other 5.3 versions, allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3425
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305319
|
- |
|
invisioncommunity
|
invision_power_board
|
Cross-site scripting (XSS) vulnerability in admin/sources/classes/bbcode/custom/defaults.php in Invision Power Board (IP.Board) 3.1.2 allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3424
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305320
|
- |
|
freka
|
yr_verdata
|
SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method.
|
CWE-89
SQL Injection
|
CVE-2010-3423
|
2024-11-21 10:18 |
2010-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
