267131
|
- |
|
rifat_kurban
|
tekno.portal
|
SQL injection vulnerability in makale.php in tekno.Portal 0.1b allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-2817.
|
CWE-89
SQL Injection
|
CVE-2010-1925
|
2010-05-13 13:00 |
2010-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267132
|
- |
|
openmairie
|
opencourrier
|
Directory traversal vulnerability in scr/soustab.php in openMairie openCourrier 2.02 and 2.03 beta, when register_globals is enabled, allows remote attackers to include and execute arbitrary local fi…
|
CWE-22
Path Traversal
|
CVE-2010-1926
|
2010-05-13 13:00 |
2010-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267133
|
- |
|
openmairie
|
opencourrier
|
Multiple PHP remote file inclusion vulnerabilities in openMairie openCourrier 2.02 and 2.03 beta, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in t…
|
CWE-94
Code Injection
|
CVE-2010-1927
|
2010-05-13 13:00 |
2010-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267134
|
- |
|
openmairie
|
openplanning
|
Multiple PHP remote file inclusion vulnerabilities in openMairie openPlanning 1.00, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om par…
|
CWE-94
Code Injection
|
CVE-2010-1934
|
2010-05-13 13:00 |
2010-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267135
|
- |
|
xoops
|
xoops
|
The activation resend function in the Profiles module in XOOPS before 2.4.1 sends activation codes in response to arbitrary activation requests, which allows remote attackers to bypass administrative…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4851
|
2010-05-13 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267136
|
- |
|
gnustep
|
gnustep_base
|
Integer overflow in the load_iface function in Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 might allow context-dependent attackers to execute arbitrary code via a (1) file or (2) socket th…
|
CWE-189
Numeric Errors
|
CVE-2010-1620
|
2010-05-13 06:07 |
2010-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267137
|
- |
|
efrontlearning
|
efront
|
SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatrooms_ID parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1918
|
2010-05-13 04:36 |
2010-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267138
|
- |
|
gnustep
|
gnustep_base
|
Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local users to read arbitrary files via a (1) -c or (2) -a option, which prints file contents in an error message.
|
CWE-200
Information Exposure
|
CVE-2010-1457
|
2010-05-12 20:46 |
2010-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267139
|
- |
|
tufat
|
flashcard
|
Cross-site scripting (XSS) vulnerability in cPlayer.php in FlashCard 2.6.5 and 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1872
|
2010-05-12 20:46 |
2010-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267140
|
- |
|
abcbackup internet-soft
|
abc_backup urgent_backup
|
Stack-based buffer overflow in (1) Urgent Backup 3.20, and (2) ABC Backup Pro 5.20 and ABC Backup 5.50, allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP archive.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1686
|
2010-05-12 09:41 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|