|
345801
|
- |
|
mgenti
|
tftputil_gui
|
Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2028
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345802
|
- |
|
cybozu
|
cybozu_office
cybozu_dotsales
|
Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows remote attackers to bypass authentication and obtain or modify sensitive information by using the uni…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2029
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345803
|
- |
|
alan_palazzolo
|
external_link_page
|
Cross-site scripting (XSS) vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2030
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345804
|
- |
|
kingsoft
|
webshield
|
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVS…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2031
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345805
|
- |
|
gpeasy
|
gpeasy_cms
|
Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrat…
|
CWE-352
Origin Validation Error
|
CVE-2010-2039
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345806
|
- |
|
v-eva
|
shopzilla_affiliate_script_php
|
Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2040
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345807
|
- |
|
magnoware
|
datatrack_system
|
Cross-site scripting (XSS) vulnerability in Home.aspx in DataTrack System 3.5 and 3.5.8019.4 allows remote attackers to inject arbitrary web script or HTML via the Work_Order_Summary parameter (aka t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2043
|
2017-08-17 10:32 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345808
|
- |
|
adhie_utomo
|
com_konsultasi
|
SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.…
|
CWE-89
SQL Injection
|
CVE-2010-2044
|
2017-08-17 10:32 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345809
|
- |
|
dionesoft
|
com_dioneformwizard
|
Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequ…
|
CWE-22
Path Traversal
|
CVE-2010-2045
|
2017-08-17 10:32 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345810
|
- |
|
joenasejes
|
je_cms
|
SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewcategory action. NOTE: some of these …
|
CWE-89
SQL Injection
|
CVE-2010-2047
|
2017-08-17 10:32 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
