|
260161
|
- |
|
geekhelps
|
admp
|
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal seq…
|
CWE-22
Path Traversal
|
CVE-2010-0967
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260162
|
- |
|
jorik_berkepas
|
phpmylogon
|
SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from thir…
|
CWE-89
SQL Injection
|
CVE-2010-0970
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260163
|
- |
|
atutor
|
atutor
|
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) C…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0971
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260164
|
- |
|
g4j.laoneo
|
com_gcalendar
|
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controlle…
|
CWE-22
Path Traversal
|
CVE-2010-0972
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260165
|
- |
|
scripteverkauf
|
domain_verkaus_and_auktions_portal
|
SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0973
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260166
|
- |
|
phpcityportal
|
phpcityportal
|
Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) video_show.php, (2) spotlight_detail.php, (3) real_estate_…
|
CWE-89
SQL Injection
|
CVE-2010-0974
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260167
|
- |
|
phpcityportal
|
phpcityportal
|
PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
|
CWE-94
Code Injection
|
CVE-2010-0975
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260168
|
- |
|
acidcat
|
acidcat_cms
|
Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0976
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260169
|
- |
|
kmsoft
|
guestbook
|
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0978
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260170
|
- |
|
mitchell_sleeper
|
l4d_stats
|
SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0980
|
2017-08-17 10:32 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
