|
257811
|
- |
|
phpcityportal
|
phpcityportal
|
Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) video_show.php, (2) spotlight_detail.php, (3) real_estate_…
|
CWE-89
SQL Injection
|
CVE-2010-0974
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257812
|
- |
|
phpcityportal
|
phpcityportal
|
PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
|
CWE-94
Code Injection
|
CVE-2010-0975
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257813
|
- |
|
acidcat
|
acidcat_cms
|
Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0976
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257814
|
- |
|
kmsoft
|
guestbook
|
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0978
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257815
|
- |
|
mitchell_sleeper
|
l4d_stats
|
SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0980
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257816
|
- |
|
templateplazza
|
com_tpjobs
|
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php.
|
CWE-89
SQL Injection
|
CVE-2010-0981
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257817
|
- |
|
utilo
|
rezervi
|
PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the …
|
CWE-94
Code Injection
|
CVE-2010-0983
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257818
|
- |
|
acidcat
|
acidcat_cms
|
Acidcat CMS 3.5.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0984
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257819
|
- |
|
chris_simon
|
com_abbrev
|
Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the co…
|
CWE-22
Path Traversal
|
CVE-2010-0985
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257820
|
- |
|
chris_wederka
|
tgm_newsletter
|
SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1024
|
2017-08-17 10:32 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
