|
346181
|
- |
|
bfs.kilu
|
bigforum
|
SQL injection vulnerability in profil.php in Bigforum 4.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0948
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346182
|
- |
|
dev4u
|
dev4u_cms
|
SQL injection vulnerability in go_target.php in dev4u CMS allows remote attackers to execute arbitrary SQL commands via the kontent_id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0951
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346183
|
- |
|
insanevisions
|
onecms
|
SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an elite action.
|
CWE-89
SQL Injection
|
CVE-2010-0952
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346184
|
- |
|
phpcoin
|
phpcoin
|
Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.
|
CWE-22
Path Traversal
|
CVE-2010-0953
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346185
|
- |
|
preprojects
|
pre_e-learning_portal
|
SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0954
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346186
|
- |
|
media-products
|
bild_flirt_community
|
SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0955
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346187
|
- |
|
saskia_bruckner
|
saskias_shopsystem
|
Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the…
|
CWE-22
Path Traversal
|
CVE-2010-0957
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346188
|
- |
|
media-products
|
eros_webkatalog
|
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action.
|
CWE-89
SQL Injection
|
CVE-2010-0964
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346189
|
- |
|
jevci.net
|
jevci_siparis_formu_scripti
|
Jevci Siparis Formu Scripti stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for siparis.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0965
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346190
|
- |
|
geekhelps
|
admp
|
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal seq…
|
CWE-22
Path Traversal
|
CVE-2010-0967
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
