|
310541
|
- |
|
smartertools
|
smartermail
|
Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash), (2) %5C (encoded backslash), or (3) …
|
CWE-22
Path Traversal
|
CVE-2010-3486
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310542
|
- |
|
lightneasy
|
lightneasy
|
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the userhandle cookie to LightNEasy.php, a different vector than CVE-2008-6…
|
CWE-89
SQL Injection
|
CVE-2010-3485
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310543
|
- |
|
lightneasy
|
lightneasy
|
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-65…
|
CWE-89
SQL Injection
|
CVE-2010-3484
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310544
|
- |
|
bouzouste
|
primitive_cms
|
cms_write.php in Primitive CMS 1.0.9 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request. NOTE: this vulnerability can be leverage…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3483
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310545
|
- |
|
bouzouste
|
primitive_cms
|
Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) title and (2) menutitle paramete…
|
CWE-89
SQL Injection
|
CVE-2010-3482
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310546
|
- |
|
apphp
|
php_microcms
|
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and …
|
CWE-89
SQL Injection
|
CVE-2010-3481
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310547
|
- |
|
apphp
|
php_microcms
|
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) …
|
CWE-22
Path Traversal
|
CVE-2010-3480
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310548
|
- |
|
boutikone
|
boutikone
|
SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
CWE-89
SQL Injection
|
CVE-2010-3479
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310549
|
- |
|
microsoft
|
.net_framework
|
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2010-3332
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310550
|
- |
|
egroupware
|
egroupware
|
Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309;…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3314
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
