267371
|
- |
|
sk-typo3
|
sk_simplegallery
|
SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1019
|
2010-03-22 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267372
|
- |
|
mads_brunn
|
t3quixplorer
|
Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer (t3quixplorer) extension before 1.7.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1021
|
2010-03-22 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267373
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate …
|
NVD-CWE-Other
|
CVE-2009-4642
|
2010-03-22 13:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267374
|
- |
|
dmanager
|
documentmanager
|
Unspecified vulnerability in DocumentManager before 4.0 has unknown impact and attack vectors, related to file rights.
|
NVD-CWE-noinfo
|
CVE-2010-0612
|
2010-03-18 13:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267375
|
- |
|
citrix
|
xenserver
|
Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-0633
|
2010-03-18 13:00 |
2010-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267376
|
- |
|
joomlamo
|
com_cartweberp
|
Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to in…
|
CWE-22
Path Traversal
|
CVE-2010-0982
|
2010-03-18 03:44 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267377
|
- |
|
dzcp
|
dev\!l\'z_clanportal
|
PHP remote file inclusion vulnerability in inc/config.php in deV!L`z Clanportal (DZCP) 1.5.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the …
|
CWE-94
Code Injection
|
CVE-2010-0966
|
2010-03-17 22:27 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267378
|
- |
|
geekhelps
|
admp
|
SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0968
|
2010-03-17 13:00 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267379
|
- |
|
pordus
|
pd_portal
|
PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0977
|
2010-03-17 13:00 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267380
|
- |
|
obsession-design
|
image-gallery
|
Cross-site scripting (XSS) vulnerability in display.php in Obsession-Design Image-Gallery (ODIG) 1.1 allows remote attackers to inject arbitrary web script or HTML via the folder parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0979
|
2010-03-17 13:00 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|