260401
|
- |
|
extensiondepot
|
com_jsupport
|
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the a…
|
CWE-89
SQL Injection
|
CVE-2010-4838
|
2012-02-14 13:02 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260402
|
- |
|
diferior
|
diferior
|
Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 allow remote attackers to inject arbitrary web script or HTML via the (1) post_content parameter to post/edit/2/p1.html, related t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4850
|
2012-02-14 13:02 |
2011-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260403
|
- |
|
eclime
|
eclime
|
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to…
|
CWE-89
SQL Injection
|
CVE-2010-4851
|
2012-02-14 13:02 |
2011-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260404
|
- |
|
eclime
|
eclime
|
Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b allows remote attackers to inject arbitrary web script or HTML via the reason parameter in a fail action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4852
|
2012-02-14 13:02 |
2011-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260405
|
- |
|
aspindir
|
xweblog
|
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4855
|
2012-02-14 13:02 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260406
|
- |
|
joerg_risse
|
dnet_live-stats
|
Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the showlang parameter.
|
CWE-22
Path Traversal
|
CVE-2010-4858
|
2012-02-14 13:02 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260407
|
- |
|
webasyst
|
shop-script
|
SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blog_id parameter in a news action.
|
CWE-89
SQL Injection
|
CVE-2010-4859
|
2012-02-14 13:02 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260408
|
- |
|
danieljamesscott
|
com_clubmanager
|
SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action t…
|
CWE-89
SQL Injection
|
CVE-2010-4864
|
2012-02-14 13:02 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260409
|
- |
|
insanevisions
|
onecms
|
Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the view parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4877
|
2012-02-14 13:02 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260410
|
- |
|
hinnendahl
|
gaestebuch
|
PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaestebuch 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter.
|
CWE-94
Code Injection
|
CVE-2010-4884
|
2012-02-14 13:02 |
2011-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|