|
266851
|
- |
|
dotnetnuke
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx in DotNetNuke 5.05.01 and 5.06.00 allows remote attackers to inject arbitrary web script or HTML via the __VIEWSTATE parameter. …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4514
|
2010-12-10 14:00 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266852
|
- |
|
harmistechnology
|
com_jeauto
|
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cha…
|
CWE-89
SQL Injection
|
CVE-2010-4517
|
2010-12-10 14:00 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266853
|
- |
|
mono
|
mono
|
Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory.
|
NVD-CWE-Other
|
CVE-2010-4159
|
2010-12-9 17:36 |
2010-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266854
|
- |
|
mono
|
mono
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2010-4159
|
2010-12-9 17:36 |
2010-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266855
|
- |
|
apple
|
iphone_os
|
Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pre…
|
CWE-362
Race Condition
|
CVE-2010-4012
|
2010-12-9 14:00 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266856
|
- |
|
mrcgiguy
|
freeticket
|
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name,…
|
CWE-89
SQL Injection
|
CVE-2010-4500
|
2010-12-9 14:00 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266857
|
- |
|
ca
|
internet_security_suite_plus_2010
|
Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to t…
|
CWE-189
Numeric Errors
|
CVE-2010-4502
|
2010-12-9 14:00 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266858
|
- |
|
aigaion
|
aigaion
|
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action.
|
CWE-89
SQL Injection
|
CVE-2010-4503
|
2010-12-9 14:00 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266859
|
- |
|
intelliants
|
esyndicat
|
Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Directory 2.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter to (1) suggest-category.php and (2…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4504
|
2010-12-9 14:00 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266860
|
- |
|
injader
|
injader
|
Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) un and (2) pw parameters.
|
CWE-89
SQL Injection
|
CVE-2010-4505
|
2010-12-9 14:00 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
