|
267611
|
- |
|
shopex
|
ecshop
|
SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. NOTE: some of these details are obtained from third part…
|
CWE-89
SQL Injection
|
CVE-2010-2042
|
2010-05-26 13:00 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267612
|
- |
|
activehelper
|
com_activehelper_livehelp
|
Multiple cross-site scripting (XSS) vulnerabilities in the ActiveHelper LiveHelp (com_activehelper_livehelp) component 2.0.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2010-2046
|
2010-05-26 13:00 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267613
|
- |
|
manageengine
|
adaudit_plus
|
Cross-site scripting (XSS) vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAudit Plus 4.0.0 build 4043 allows remote attackers to inject arbitrary web script or HTML via the rep…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2049
|
2010-05-26 13:00 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267614
|
- |
|
debliteck
|
dbcart
|
SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2051
|
2010-05-26 13:00 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267615
|
- |
|
andreas_schwarzkopf
|
accessibility_glossary
|
SQL injection vulnerability in the Accessibility Glossary (a21glossary) extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4803
|
2010-05-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267616
|
- |
|
andreas_schwarzkopf
|
accessibility_glossary
|
A fix for this vulnerability was included in 0.4.11. The latest release can be downloaded at:
http://typo3.org/extensions/repository/view/a21glossary/current/
|
CWE-89
SQL Injection
|
CVE-2009-4803
|
2010-05-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267617
|
- |
|
sun
|
opensolaris
|
The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain.
|
CWE-16
Configuration
|
CVE-2010-0559
|
2010-05-25 14:51 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267618
|
- |
|
zabbix
|
zabbix
|
The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request.
|
CWE-78
OS Command
|
CVE-2009-4498
|
2010-05-25 14:49 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267619
|
- |
|
sun
|
java_system_access_manager
|
Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2268
|
2010-05-25 14:45 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267620
|
- |
|
sun
|
java_system_access_manager
|
Per: http://secunia.com/advisories/35651
"NOTE: This only affects Sun Java System Access Manager if Cross-Domain Single Sign-On (CDSSO) functionality is enabled."
|
CWE-79
Cross-site Scripting
|
CVE-2009-2268
|
2010-05-25 14:45 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
