|
260671
|
- |
|
mhd_zaher_ghaibeh
|
arab_cart
|
Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0725
|
2010-04-15 14:41 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260672
|
- |
|
blender
|
blender
|
Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an errone…
|
NVD-CWE-Other
|
CVE-2008-4863
|
2010-04-15 14:27 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260673
|
- |
|
preprojects
|
pre_classified_listings_asp
|
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1371
|
2010-04-15 06:03 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260674
|
- |
|
preprojects
|
pre_classified_listings_asp
|
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1369
|
2010-04-15 05:58 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260675
|
- |
|
uiga
|
fan_club
|
Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password…
|
CWE-89
SQL Injection
|
CVE-2010-1366
|
2010-04-15 05:49 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260676
|
- |
|
uiga
|
personal_portal
|
SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2010-1364
|
2010-04-15 04:37 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260677
|
- |
|
ben_jeavons
|
ownterm
|
Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1362
|
2010-04-14 22:59 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260678
|
- |
|
yasirpro
|
ms-pro_portal_scripti
|
YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4766
|
2010-04-14 21:44 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260679
|
- |
|
ron_jerome
|
bibliography
|
Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privil…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1358
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260680
|
- |
|
uiga
|
fan_club
|
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
|
CWE-89
SQL Injection
|
CVE-2010-1365
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
