|
257801
|
- |
|
preprojects
|
pre_e-learning_portal
|
SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0954
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257802
|
- |
|
media-products
|
bild_flirt_community
|
SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0955
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257803
|
- |
|
saskia_bruckner
|
saskias_shopsystem
|
Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the…
|
CWE-22
Path Traversal
|
CVE-2010-0957
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257804
|
- |
|
media-products
|
eros_webkatalog
|
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action.
|
CWE-89
SQL Injection
|
CVE-2010-0964
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257805
|
- |
|
jevci.net
|
jevci_siparis_formu_scripti
|
Jevci Siparis Formu Scripti stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for siparis.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0965
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257806
|
- |
|
geekhelps
|
admp
|
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal seq…
|
CWE-22
Path Traversal
|
CVE-2010-0967
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257807
|
- |
|
jorik_berkepas
|
phpmylogon
|
SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from thir…
|
CWE-89
SQL Injection
|
CVE-2010-0970
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257808
|
- |
|
atutor
|
atutor
|
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) C…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0971
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257809
|
- |
|
g4j.laoneo
|
com_gcalendar
|
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controlle…
|
CWE-22
Path Traversal
|
CVE-2010-0972
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257810
|
- |
|
scripteverkauf
|
domain_verkaus_and_auktions_portal
|
SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0973
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
