|
308581
|
- |
|
google
|
chrome
|
Google Chrome before 6.0.472.53 does not properly restrict the characters in URLs, which allows remote attackers to spoof the appearance of the URL bar via homographic sequences.
|
CWE-20
Improper Input Validation
|
CVE-2010-3247
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308582
|
- |
|
google
|
chrome
|
Google Chrome before 6.0.472.53 does not properly handle the _blank value for the target attribute of unspecified elements, which allows remote attackers to bypass the pop-up blocker via unknown vect…
|
NVD-CWE-noinfo
|
CVE-2010-3246
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308583
|
- |
|
blackboard
|
transact_suite
|
The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batc…
|
CWE-200
Information Exposure
|
CVE-2010-3245
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308584
|
- |
|
blackboard
|
transact_suite
|
BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml f…
|
CWE-200
Information Exposure
|
CVE-2010-3244
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308585
|
- |
|
microsoft
|
outlook_web_access
|
Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote attackers to hijack the authentication of e-mail users for requests that pe…
|
CWE-352
Origin Validation Error
|
CVE-2010-3213
|
2024-11-21 10:18 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308586
|
- |
|
seagullproject.org
|
seagull
|
SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with…
|
CWE-89
SQL Injection
|
CVE-2010-3212
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308587
|
- |
|
jextn
|
com_jefaqpro
|
Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with …
|
CWE-89
SQL Injection
|
CVE-2010-3211
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308588
|
- |
|
martin_lee
|
multi-lingual_e-commerce_system
|
Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E-Commerce System 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) checkout2…
|
CWE-94
Code Injection
|
CVE-2010-3210
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308589
|
- |
|
seagullproject.org
|
seagull
|
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTM…
|
CWE-94
Code Injection
|
CVE-2010-3209
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308590
|
- |
|
wiccle
|
wiccle_web_builder
|
Cross-site scripting (XSS) vulnerability in ajax.php in Wiccle Web Builder (WWB) 1.00 and 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the post_text parameter in a site cu…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3208
|
2024-11-21 10:18 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
