|
263781
|
- |
|
phpgalleryscript
|
php_free_photo_gallery
|
PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
|
CWE-94
Code Injection
|
CVE-2010-4948
|
2012-05-14 13:00 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263782
|
- |
|
joachim_ruhs
|
event
|
SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-4950
|
2012-05-14 13:00 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263783
|
- |
|
thomas_mammitzsch
|
vx_xajax_shoutbox
|
Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4951
|
2012-05-14 13:00 |
2011-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263784
|
- |
|
dlink
|
dcs-2121_firmware
dcs-2121
|
recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execute arbitrary commands via shell metacharacters in the Password field, related to a "semicolon inject…
|
CWE-94
Code Injection
|
CVE-2010-4964
|
2012-05-14 13:00 |
2011-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263785
|
- |
|
dlink
|
dcs-2121_firmware
dcs-2121
|
/etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by…
|
CWE-255
Credentials Management
|
CVE-2010-4965
|
2012-05-14 13:00 |
2011-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263786
|
- |
|
atcom
|
netvolution
|
Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4966
|
2012-05-14 13:00 |
2011-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263787
|
- |
|
atcom
|
netvolution
|
SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-5102
|
2012-05-14 13:00 |
2011-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263788
|
- |
|
atcom
|
netvolution
|
Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable.
|
CWE-79
Cross-site Scripting
|
CVE-2009-5103
|
2012-05-14 13:00 |
2011-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263789
|
- |
|
sun
|
opensolaris
sunos
|
The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7300
|
2012-05-14 13:00 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263790
|
- |
|
gnome
|
empathy
|
Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4170
|
2012-05-13 13:00 |
2011-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
