|
355421
|
- |
|
preprojects
|
pre_classified_listings_asp
|
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1371
|
2010-04-15 06:03 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355422
|
- |
|
preprojects
|
pre_classified_listings_asp
|
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1369
|
2010-04-15 05:58 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355423
|
- |
|
uiga
|
fan_club
|
Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password…
|
CWE-89
SQL Injection
|
CVE-2010-1366
|
2010-04-15 05:49 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355424
|
- |
|
uiga
|
personal_portal
|
SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2010-1364
|
2010-04-15 04:37 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355425
|
- |
|
ben_jeavons
|
ownterm
|
Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1362
|
2010-04-14 22:59 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355426
|
- |
|
yasirpro
|
ms-pro_portal_scripti
|
YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4766
|
2010-04-14 21:44 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355427
|
- |
|
ron_jerome
|
bibliography
|
Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privil…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1358
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355428
|
- |
|
uiga
|
fan_club
|
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
|
CWE-89
SQL Injection
|
CVE-2010-1365
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355429
|
- |
|
uiga
|
fan_club
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_login.php in Uiga Fan Club, as downloaded on 20100310, allow remote attackers to inject arbitrary web script or HTML via the (1) adm…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1367
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355430
|
- |
|
preprojects
|
pre_classified_listings_asp
|
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1370
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
