|
257711
|
- |
|
myshell
|
evalsmsi
|
Cross-site scripting (XSS) vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to inject arbitrary web script or HTML via the return parameter. NOTE: the provenance of this informat…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0617
|
2017-08-17 10:32 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257712
|
- |
|
evernewscripts
|
free_joke_script
|
SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0630
|
2017-08-17 10:32 |
2010-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257713
|
- |
|
parkviewconsultants
|
com_simplefaq
|
SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display …
|
CWE-89
SQL Injection
|
CVE-2010-0632
|
2017-08-17 10:32 |
2010-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257714
|
- |
|
cisco
|
collaboration_server
|
Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject arbitrary web script or HTML via the dest pa…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0641
|
2017-08-17 10:32 |
2010-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257715
|
- |
|
cisco
|
collaboration_server
|
Cisco Collaboration Server (CCS) 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by (1) changing .jhtml to %2Ejh…
|
CWE-200
Information Exposure
|
CVE-2010-0642
|
2017-08-17 10:32 |
2010-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257716
|
- |
|
xs4all
|
jag
|
JAG (Just Another Guestbook) 1.14 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0665
|
2017-08-17 10:32 |
2010-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257717
|
- |
|
moinmo
|
moinmoin
|
Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser …
|
NVD-CWE-noinfo
|
CVE-2010-0668
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257718
|
- |
|
iptechinside
|
com_jquarks
|
Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors.
|
CWE-200
Information Exposure
|
CVE-2010-0670
|
2017-08-17 10:32 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257719
|
- |
|
webmastersite
|
wsn_guest
|
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0672
|
2017-08-17 10:32 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257720
|
- |
|
2enetworx
|
statcountex
|
StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0674
|
2017-08-17 10:32 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
