266311
|
- |
|
awstats
|
awstats
|
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC sh…
|
CWE-94
Code Injection
|
CVE-2010-4368
|
2010-12-3 14:00 |
2010-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266312
|
- |
|
awstats
|
awstats
|
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2009-5020
|
2010-12-3 01:22 |
2010-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266313
|
- |
|
site2nite
|
big_truck_broker
|
SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4356
|
2010-12-2 14:00 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266314
|
- |
|
boka
|
siteengine
|
SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4357
|
2010-12-2 14:00 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266315
|
- |
|
jurpo
|
jurpopage
|
SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows remote attackers to execute arbitrary SQL commands via the category parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4359
|
2010-12-2 14:00 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266316
|
- |
|
jurpo
|
jurpopage
|
Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) note and (2) pg parameters, different vectors than CVE-2010…
|
CWE-89
SQL Injection
|
CVE-2010-4360
|
2010-12-2 14:00 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266317
|
- |
|
jurpo
|
jurpopage
|
Cross-site scripting (XSS) vulnerability in url-gateway.php in Jurpopage 0.2.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this info…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4361
|
2010-12-2 14:00 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266318
|
- |
|
harmistechnology
|
com_jeajaxeventcalendar
|
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleve…
|
CWE-89
SQL Injection
|
CVE-2010-4365
|
2010-12-2 14:00 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266319
|
- |
|
cisco
|
asa_5500 pix_500 vpn_3000_concentrator vpn_3005_concentrator vpn_3015_concentrator vpn_3020_concentrator vpn_3030_concentator vpn_3060_concentrator vpn_3080_concentrator
|
The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices respo…
|
CWE-200
Information Exposure
|
CVE-2010-4354
|
2010-12-1 14:00 |
2010-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266320
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2009-5017
|
2010-12-1 14:00 |
2010-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|