|
258751
|
- |
|
phpmysite
|
phpmysite
|
Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) city, (3) email, (4) state, and (5)…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1091
|
2017-08-17 10:32 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258752
|
- |
|
scriptsfeed
|
business_directory_software
|
Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters.
|
CWE-89
SQL Injection
|
CVE-2010-1092
|
2017-08-17 10:32 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258753
|
- |
|
miethner-scripting
|
dz_erotik_auktionshaus_v4rgo
|
SQL injection vulnerability in news.php in DZ EROTIK Auktionshaus V4rgo allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1094
|
2017-08-17 10:32 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258754
|
- |
|
zope
|
zope
|
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1104
|
2017-08-17 10:32 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258755
|
- |
|
advertisementmanager
|
advertisementmanager
|
Cross-site scripting (XSS) vulnerability in cgi/index.php in AdvertisementManager 3.1.0 and 3.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1105
|
2017-08-17 10:32 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258756
|
- |
|
advertisementmanager
|
advertisementmanager
|
PHP remote file inclusion vulnerability in cgi/index.php in AdvertisementManager 3.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the req parameter. NOTE: this can also be le…
|
CWE-94
Code Injection
|
CVE-2010-1106
|
2017-08-17 10:32 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258757
|
- |
|
fourkitchens
|
recent_comments
|
Cross-site scripting (XSS) vulnerability in the Recent Comments module 5.x through 5.x-1.2 and 6.x through 6.x-1.0 for Drupal allows remote authenticated users to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1107
|
2017-08-17 10:32 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258758
|
- |
|
hashmarkconsulting
|
controlpanel
|
Cross-site scripting (XSS) vulnerability in the Control Panel module 5.x through 5.x-1.5 and 6.x through 6.x-1.2 for Drupal allows remote authenticated users, with "administer blocks" privileges, to …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1108
|
2017-08-17 10:32 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258759
|
- |
|
djayp
|
phpmysport
|
Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) v2 parameter in a member…
|
CWE-89
SQL Injection
|
CVE-2010-1109
|
2017-08-17 10:32 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258760
|
- |
|
djayp
|
phpmysport
|
Directory traversal vulnerability in index.php in phpMySport 1.4 allows remote attackers to list arbitrary directories via a .. (dot dot) in the current_folder parameter.
|
CWE-22
Path Traversal
|
CVE-2010-1110
|
2017-08-17 10:32 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
