|
306811
|
- |
|
bluecms_project
|
bluecms
|
SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action.
|
CWE-89
SQL Injection
|
CVE-2010-4897
|
2024-11-21 10:22 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306812
|
- |
|
expinion.net
|
member_management_system
|
Cross-site scripting (XSS) vulnerability in admin/index.asp in Member Management System 4.0 allows remote attackers to inject arbitrary web script or HTML via the REF_URL parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4896
|
2024-11-21 10:22 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306813
|
- |
|
chillycms
|
chillycms
|
Cross-site scripting (XSS) vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the username field). NOTE:…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4895
|
2024-11-21 10:22 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306814
|
- |
|
chillycms
|
chillycms
|
SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from th…
|
CWE-89
SQL Injection
|
CVE-2010-4894
|
2024-11-21 10:22 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306815
|
- |
|
festengine
|
festos
|
Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS 2.3b allows remote attackers to inject arbitrary web script or HTML via the category parameter in a details action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4893
|
2024-11-21 10:22 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306816
|
- |
|
alex_kellner
|
powermail
|
Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4892
|
2024-11-21 10:22 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306817
|
- |
|
andreas_kiefer
|
ke_yac
|
SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-4891
|
2024-11-21 10:22 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306818
|
- |
|
andreas_kiefer
|
ke_yac
|
Cross-site scripting (XSS) vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4890
|
2024-11-21 10:22 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306819
|
- |
|
marco_hezel
|
hm_tinymarket
|
Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4889
|
2024-11-21 10:22 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306820
|
7.5 |
HIGH
Network
|
openbsd
|
openbsd
|
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
|
-
|
CVE-2010-4816
|
2024-11-21 10:21 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
