|
266891
|
- |
|
uiga
|
fan_club
|
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
|
CWE-89
SQL Injection
|
CVE-2010-1365
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266892
|
- |
|
uiga
|
fan_club
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_login.php in Uiga Fan Club, as downloaded on 20100310, allow remote attackers to inject arbitrary web script or HTML via the (1) adm…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1367
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266893
|
- |
|
preprojects
|
pre_classified_listings_asp
|
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1370
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266894
|
- |
|
cnr.somee
|
hikaye_portal
|
CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4765
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266895
|
- |
|
jooforge
|
com_jukebox
|
Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramete…
|
CWE-22
Path Traversal
|
CVE-2010-1352
|
2010-04-14 06:31 |
2010-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266896
|
- |
|
cisco
|
ios
|
The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling De…
|
NVD-CWE-Other
|
CVE-2010-0579
|
2010-04-13 14:43 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266897
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message P…
|
NVD-CWE-noinfo
|
CVE-2010-0580
|
2010-04-13 14:43 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266898
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Pa…
|
NVD-CWE-noinfo
|
CVE-2010-0581
|
2010-04-13 14:43 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266899
|
- |
|
cisco
|
ios
|
Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.
|
NVD-CWE-noinfo
|
CVE-2010-0582
|
2010-04-13 14:43 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266900
|
- |
|
freedesktop
|
udisks
|
probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by…
|
CWE-200
Information Exposure
|
CVE-2010-1149
|
2010-04-13 13:00 |
2010-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
