|
260501
|
- |
|
multishopcms
|
multishop_cms
|
SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: the provenance of this information is unknown…
|
CWE-89
SQL Injection
|
CVE-2010-2140
|
2010-06-3 13:00 |
2010-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260502
|
- |
|
joaktree
|
com_joaktree
|
SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-4784
|
2010-06-3 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260503
|
- |
|
bhavesh_chauhan
|
com_quicknews
|
SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.p…
|
CWE-89
SQL Injection
|
CVE-2009-4785
|
2010-06-3 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260504
|
- |
|
pligg
|
pligg_cms
|
Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the (1) return parameter to pligg/lo…
|
CWE-20
Improper Input Validation
|
CVE-2009-4788
|
2010-06-3 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260505
|
- |
|
mojoblog
|
mojoblog
|
Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramete…
|
CWE-94
Code Injection
|
CVE-2009-4789
|
2010-06-3 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260506
|
- |
|
mojoblog
|
mojoblog
|
Per http://extensions.joomla.org/extensions/3374/details:
Editor's note
This extension has been unpublished for the following reason:
* This extension is not compatible with Joomla! 1.5
|
CWE-94
Code Injection
|
CVE-2009-4789
|
2010-06-3 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260507
|
- |
|
sysax
|
multi_server
|
Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this infor…
|
CWE-22
Path Traversal
|
CVE-2009-4790
|
2010-06-3 13:00 |
2010-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260508
|
- |
|
amsn
|
amsn
|
login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation.
|
CWE-255
Credentials Management
|
CVE-2008-7255
|
2010-06-3 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260509
|
- |
|
lispeltuut
|
com_archeryscores
|
Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a…
|
CWE-22
Path Traversal
|
CVE-2010-1718
|
2010-06-1 13:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260510
|
- |
|
freebsd
|
freebsd
|
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2022
|
2010-06-1 13:00 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
