|
267131
|
- |
|
zikula
|
zikula_application_framework
|
Cross-site request forgery (CSRF) vulnerability in the users module in Zikula Application Framework before 1.2.3 allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2010-1732
|
2010-05-11 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267132
|
- |
|
transmissionbt
|
transmission
|
Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service (crash) or possibly execute a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1853
|
2010-05-11 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267133
|
- |
|
php
|
php
|
The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by …
|
CWE-94
Code Injection
|
CVE-2010-1868
|
2010-05-11 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267134
|
- |
|
alienvault
|
open_source_security_information_management
|
SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote …
|
CWE-89
SQL Injection
|
CVE-2009-4375
|
2010-05-11 13:00 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267135
|
- |
|
mega-nerd
|
libsndfile
|
The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of se…
|
CWE-189
Numeric Errors
|
CVE-2009-4835
|
2010-05-11 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267136
|
- |
|
phpscripte24
|
pay_per_watch_\&_bid_auktions_system
|
Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not pr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1854
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267137
|
- |
|
realitymedias
|
repairshop2
|
Cross-site scripting (XSS) vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to inject arbitrary web script or HTML via the prod para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1856
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267138
|
- |
|
deluxebb
|
deluxebb
|
SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when a…
|
CWE-89
SQL Injection
|
CVE-2010-1859
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267139
|
- |
|
php
|
php
|
The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an …
|
CWE-399
Resource Management Errors
|
CVE-2010-1861
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267140
|
- |
|
clantiger
|
clantiger
|
SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1863
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
