|
257681
|
- |
|
phpcityportal
|
phpcityportal
|
PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
|
CWE-94
Code Injection
|
CVE-2010-0975
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257682
|
- |
|
acidcat
|
acidcat_cms
|
Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0976
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257683
|
- |
|
kmsoft
|
guestbook
|
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0978
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257684
|
- |
|
mitchell_sleeper
|
l4d_stats
|
SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0980
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257685
|
- |
|
templateplazza
|
com_tpjobs
|
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php.
|
CWE-89
SQL Injection
|
CVE-2010-0981
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257686
|
- |
|
utilo
|
rezervi
|
PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the …
|
CWE-94
Code Injection
|
CVE-2010-0983
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257687
|
- |
|
acidcat
|
acidcat_cms
|
Acidcat CMS 3.5.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0984
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257688
|
- |
|
chris_simon
|
com_abbrev
|
Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the co…
|
CWE-22
Path Traversal
|
CVE-2010-0985
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257689
|
- |
|
chris_wederka
|
tgm_newsletter
|
SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1024
|
2017-08-17 10:32 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257690
|
- |
|
chris_wederka
|
tgm_newsletter
|
Cross-site scripting (XSS) vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1025
|
2017-08-17 10:32 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
