|
257611
|
- |
|
zipgenius
|
zipgenius
|
Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing an entry with a long filename.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1597
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257612
|
- |
|
silisoftware
|
phpthumb\(\)
|
phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote attackers to execute arbitrary commands via the fltr[] parameter, as discovered in the wild …
|
CWE-20
Improper Input Validation
|
CVE-2010-1598
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257613
|
- |
|
nkinfoweb
|
nkinfoweb
|
SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to execute arbitrary SQL commands via the id_sp parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1599
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257614
|
- |
|
thefactory
|
com_mediamall
|
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2010-1600
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257615
|
- |
|
joomlamart
|
com_jacomment
|
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
CWE-22
Path Traversal
|
CVE-2010-1601
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257616
|
- |
|
ncrypted
|
nct_jobs_portal_script
|
Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) user parameter (aka login field) and (2) passw…
|
CWE-89
SQL Injection
|
CVE-2010-1604
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257617
|
- |
|
ncrypted
|
nct_jobs_portal_script
|
Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) anyword and (2) cityname parameters. NOTE: the pr…
|
CWE-89
SQL Injection
|
CVE-2010-1605
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257618
|
- |
|
ncrypted
|
nct_jobs_portal_script
|
Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal Script allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) Keywords, (3) Tags, or (4) Desired …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1606
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257619
|
- |
|
paysyspro
|
com_wmi
|
Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local fil…
|
CWE-22
Path Traversal
|
CVE-2010-1607
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257620
|
- |
|
alegrocart
|
alegrocart
|
Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to hijack the authentication of the administrator for requests that reset the administrator password via a PO…
|
CWE-352
Origin Validation Error
|
CVE-2010-1611
|
2017-08-17 10:32 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
