|
310121
|
- |
|
squirrelmail
|
squirrelmail
|
functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct click…
|
CWE-20
Improper Input Validation
|
CVE-2010-4554
|
2024-11-21 10:21 |
2011-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310122
|
- |
|
bestsoftinc
|
advance_hotel_booking_system
|
SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4814
|
2024-11-21 10:21 |
2011-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310123
|
- |
|
category_tokens_project
|
category_tokens
|
Cross-site scripting (XSS) vulnerability in the Category Tokens module 6.x before 6.x-1.1 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4813
|
2024-11-21 10:21 |
2011-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310124
|
- |
|
6kbbs
|
6kbbs
|
Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 allow remote attackers to execute arbitrary SQL commands via the (1) tids[] parameter to ajaxadmin.php and the (2) msgids[] paramete…
|
CWE-89
SQL Injection
|
CVE-2010-4812
|
2024-11-21 10:21 |
2011-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310125
|
- |
|
6kbbs
|
6kbbs
|
Multiple cross-site scripting (XSS) vulnerabilities in ajaxmember.php in 6kbbs 8.0 build 20100901 allow remote attackers to inject arbitrary web script or HTML via the (1) user[msn], (2) user[email],…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4811
|
2024-11-21 10:21 |
2011-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310126
|
- |
|
awcm-cms
|
ar_web_content_manager
|
Multiple PHP remote file inclusion vulnerabilities in AR Web Content Manager (AWCM) 2.1 final allow remote attackers to execute arbitrary PHP code via a URL in the theme_file parameter to (1) include…
|
CWE-94
Code Injection
|
CVE-2010-4810
|
2024-11-21 10:21 |
2011-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310127
|
- |
|
liberologico
|
dbsite
|
SQL injection vulnerability in index.php in DBSite 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4809
|
2024-11-21 10:21 |
2011-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310128
|
- |
|
valarsoft
|
webmatic
|
SQL injection vulnerability in index.php in Webmatic allows remote attackers to execute arbitrary SQL commands via the p parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4808
|
2024-11-21 10:21 |
2011-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310129
|
- |
|
coppermine-gallery
|
coppermine_photo_gallery
|
Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.4.27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4667
|
2024-11-21 10:21 |
2011-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310130
|
- |
|
google
|
android
|
The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/and…
|
CWE-200
Information Exposure
|
CVE-2010-4804
|
2024-11-21 10:21 |
2011-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
