|
260211
|
- |
|
pacifictimesheet
|
pacific_timesheet
|
Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74 build 363 allows remote attackers to hijack the authentication of administrators for requests that create…
|
CWE-352
Origin Validation Error
|
CVE-2010-2111
|
2017-08-17 10:32 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260212
|
- |
|
uniformserver
|
uniformserver
|
Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow remote attackers to hijack the authentication of administrators for requests that change passwords via (1)…
|
CWE-352
Origin Validation Error
|
CVE-2010-2113
|
2017-08-17 10:32 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260213
|
- |
|
bartels-schoene
|
conpresso
|
SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2124
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260214
|
- |
|
speedtech
|
storm
|
Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2123
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260215
|
- |
|
systemseed
|
rotor
|
Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 and 6.x before 6.x-2.5 for Drupal allow remote authenticated users, with "create rotor item" or "edit…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2125
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260216
|
- |
|
snipegallery
|
snipe_gallery
|
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php…
|
CWE-94
Code Injection
|
CVE-2010-2126
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260217
|
- |
|
jv2design
|
jv2_folder_gallery
|
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter.
|
CWE-94
Code Injection
|
CVE-2010-2127
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260218
|
- |
|
harmistechnology
|
com_jequoteform
|
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via…
|
CWE-22
Path Traversal
|
CVE-2010-2128
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260219
|
- |
|
harmistechnology
|
com_jeajaxeventcalendar
|
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in t…
|
CWE-22
Path Traversal
|
CVE-2010-2129
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260220
|
- |
|
danny_ho
|
oes
|
Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1 beta allow remote attackers to execute arbitrary PHP code via a URL in the CONF_INCLUDE_PATH parameter to (1) for…
|
CWE-94
Code Injection
|
CVE-2010-2132
|
2017-08-17 10:32 |
2010-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
