|
260871
|
- |
|
commodityrentals
|
vacation_rental_software
|
SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote attackers to execute arbitrary SQL commands via the rental_id parameter in a CalendarView action.
|
CWE-89
SQL Injection
|
CVE-2010-0763
|
2010-03-3 14:00 |
2010-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260872
|
- |
|
snowflake
|
t3blog
|
Cross-site scripting (XSS) vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0797
|
2010-03-3 14:00 |
2010-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260873
|
- |
|
snowflake
|
t3blog
|
SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-0798
|
2010-03-3 14:00 |
2010-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260874
|
- |
|
perlunity
|
phpunity.newsmanager
|
Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
|
CWE-22
Path Traversal
|
CVE-2010-0799
|
2010-03-3 14:00 |
2010-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260875
|
- |
|
autartica
|
com_autartitarot
|
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary fil…
|
CWE-22
Path Traversal
|
CVE-2010-0801
|
2010-03-3 14:00 |
2010-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260876
|
- |
|
aleinbeen
|
\(nv2\)_awards
|
SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a modification for Invision Power Board, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view actio…
|
CWE-89
SQL Injection
|
CVE-2010-0802
|
2010-03-3 14:00 |
2010-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260877
|
- |
|
sun
|
java_system_application_server
|
Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
NVD-CWE-Other
|
CVE-2005-0742
|
2010-03-2 14:36 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260878
|
- |
|
basic-cms
|
basic-cms
|
Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0695
|
2010-03-2 14:00 |
2010-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260879
|
- |
|
ibm
|
websphere_portal
|
Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0704
|
2010-03-2 14:00 |
2010-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260880
|
- |
|
moinmo
|
moinmoin
|
MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain s…
|
CWE-200
Information Exposure
|
CVE-2010-0667
|
2010-03-1 14:00 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
