|
257961
|
- |
|
saskia_bruckner
|
saskias_shopsystem
|
Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the…
|
CWE-22
Path Traversal
|
CVE-2010-0957
|
2017-08-17 10:32 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257962
|
- |
|
media-products
|
eros_webkatalog
|
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action.
|
CWE-89
SQL Injection
|
CVE-2010-0964
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257963
|
- |
|
jevci.net
|
jevci_siparis_formu_scripti
|
Jevci Siparis Formu Scripti stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for siparis.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0965
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257964
|
- |
|
geekhelps
|
admp
|
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal seq…
|
CWE-22
Path Traversal
|
CVE-2010-0967
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257965
|
- |
|
jorik_berkepas
|
phpmylogon
|
SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from thir…
|
CWE-89
SQL Injection
|
CVE-2010-0970
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257966
|
- |
|
atutor
|
atutor
|
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) C…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0971
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257967
|
- |
|
g4j.laoneo
|
com_gcalendar
|
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controlle…
|
CWE-22
Path Traversal
|
CVE-2010-0972
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257968
|
- |
|
scripteverkauf
|
domain_verkaus_and_auktions_portal
|
SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0973
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257969
|
- |
|
phpcityportal
|
phpcityportal
|
Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) video_show.php, (2) spotlight_detail.php, (3) real_estate_…
|
CWE-89
SQL Injection
|
CVE-2010-0974
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257970
|
- |
|
phpcityportal
|
phpcityportal
|
PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
|
CWE-94
Code Injection
|
CVE-2010-0975
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
