|
310111
|
- |
|
odcms
|
odcms
|
Multiple cross-site scripting (XSS) vulnerabilities in odCMS 1.06, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Page parameter to (1) _main/index.php, (…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2344
|
2024-11-21 10:16 |
2010-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310112
|
- |
|
dennisre
|
audio_converter
|
Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attackers to execute arbitrary code via a crafted pls playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2343
|
2024-11-21 10:16 |
2010-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310113
|
- |
|
dmxready
|
online_notebook_manager
|
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2342
|
2024-11-21 10:16 |
2010-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310114
|
- |
|
ezpx
|
ezpx_photoblog
|
PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in EZPX Photoblog 1.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the tpl_base_d…
|
CWE-94
Code Injection
|
CVE-2010-2341
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310115
|
- |
|
arabportal
|
arab_portal
|
SQL injection vulnerability in members.php in Arab Portal 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the by parameter in the msearch action.
|
CWE-89
SQL Injection
|
CVE-2010-2340
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310116
|
- |
|
subdreamer
|
subdreamer
|
SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to execute arbitrary SQL commands via the categoryids[] parameter in an update_pages action.
|
CWE-89
SQL Injection
|
CVE-2010-2339
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310117
|
- |
|
vunet
|
vu_web_visitor_analyst
|
Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. NOTE: some of t…
|
CWE-89
SQL Injection
|
CVE-2010-2338
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310118
|
- |
|
yamamah
|
yamamah
|
index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executable files within the web document root via the download parameter.
|
CWE-200
Information Exposure
|
CVE-2010-2336
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310119
|
- |
|
yamamah
|
yamamah
|
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2335
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310120
|
- |
|
yamamah
|
yamamah
|
Directory traversal vulnerability in themes/default/download.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to read arbitrary files via a .. (dot dot) in t…
|
CWE-22
Path Traversal
|
CVE-2010-2334
|
2024-11-21 10:16 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
