|
257701
|
- |
|
aspindir
|
erolife_ajxgaleri_vt
|
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1064
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257702
|
- |
|
lebisoft
|
ziyaretci_defteri
|
Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1065
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257703
|
- |
|
the-ghost
|
ar_web_content_manager
|
AR Web Content Manager (AWCM) 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for contr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1066
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257704
|
- |
|
hasmir_alic
|
e-membres
|
E-membres 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/bdEMembres.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1067
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257705
|
- |
|
netwin
|
surgeftp
|
Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the (1) domainid or (2) classid param…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1068
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257706
|
- |
|
imagoscripts
|
deviant_art_clone
|
SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers to execute arbitrary SQL commands via the seid parameter in a forums viewcat action.
|
CWE-89
SQL Injection
|
CVE-2010-1070
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257707
|
- |
|
phpmdj
|
phpmdj
|
SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1071
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257708
|
- |
|
sniggabo
|
sniggabo_cms
|
Cross-site scripting (XSS) vulnerability in search.php in Sniggabo CMS 2.21 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1072
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257709
|
- |
|
joshprakash
|
com_jembed
|
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to in…
|
CWE-89
SQL Injection
|
CVE-2010-1073
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257710
|
- |
|
2bits
|
currency
|
Cross-site scripting (XSS) vulnerability in the Currency Exchange module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to w…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1074
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
