|
260561
|
- |
|
mega-nerd
|
libsndfile
|
The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of se…
|
CWE-189
Numeric Errors
|
CVE-2009-4835
|
2010-05-11 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260562
|
- |
|
phpscripte24
|
pay_per_watch_\&_bid_auktions_system
|
Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not pr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1854
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260563
|
- |
|
realitymedias
|
repairshop2
|
Cross-site scripting (XSS) vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to inject arbitrary web script or HTML via the prod para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1856
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260564
|
- |
|
deluxebb
|
deluxebb
|
SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when a…
|
CWE-89
SQL Injection
|
CVE-2010-1859
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260565
|
- |
|
php
|
php
|
The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an …
|
CWE-399
Resource Management Errors
|
CVE-2010-1861
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260566
|
- |
|
clantiger
|
clantiger
|
SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1863
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260567
|
- |
|
festic
|
semanticscuttle
|
Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspe…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4852
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260568
|
- |
|
roshan_singh
|
open_direct_connect_hub
|
Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1147
|
2010-05-8 14:57 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260569
|
- |
|
lexmark
|
25xxn
c510
c52x
c53x
c540
c543
c544
c546
c73x
c77x
c78x
c920
c935dn
e120
e238
e23x
e240
e240n
e250
e260
e33x
e34x
e350
e360d
e3…
|
The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause …
|
CWE-20
Improper Input Validation
|
CVE-2010-0101
|
2010-05-7 13:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260570
|
- |
|
carlos_eduardo_sotelo_pinto
|
0.1.0
|
PHP remote file inclusion vulnerability in core/includes/gfw_smarty.php in Gallo 0.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the confi…
|
CWE-94
Code Injection
|
CVE-2010-1737
|
2010-05-7 13:00 |
2010-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
