|
257901
|
- |
|
systemsoftware
|
erotik_auktionshaus
|
SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0720
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257902
|
- |
|
systemsoftware
|
auktionshaus_gelb
|
SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0721
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257903
|
- |
|
mhproducts
|
php_auktion_pro
|
SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0722
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257904
|
- |
|
mhproducts
|
ero_auktion
|
SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0723
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257905
|
- |
|
freedesktop
|
policykit
|
pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument.
|
CWE-200
Information Exposure
|
CVE-2010-0750
|
2017-08-17 10:32 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257906
|
- |
|
earl_dunovant
|
week
|
The week_post_page function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal does not properly implement node access restrictions when constructing SQL queries, which allows re…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0752
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257907
|
- |
|
componentslab
|
com_sqlreport
|
SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2010-0753
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257908
|
- |
|
wikyblog
|
wikyblog
|
PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote attackers to execute arbitrary PHP code via a URL in the langFile parameter.
|
CWE-94
Code Injection
|
CVE-2010-0755
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257909
|
- |
|
wikyblog
|
wikyblog
|
Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote attackers to hijack web sessions by setting the jsessionid parameter to (1) index.php/Comment/Main, (2) index.php/Comment/Main/Home_…
|
CWE-287
Improper Authentication
|
CVE-2010-0756
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257910
|
- |
|
wikyblog
|
wikyblog
|
Unrestricted file upload vulnerability in index.php/Attach in WikyBlog 1.7.3rc2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension using the …
|
NVD-CWE-Other
|
CVE-2010-0757
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
