|
310561
|
- |
|
netartmedia
|
real_estate_portal
|
Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3607
|
2024-11-21 10:19 |
2010-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310562
|
- |
|
netartmedia
|
real_estate_portal
|
Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory travers…
|
CWE-22
Path Traversal
|
CVE-2010-3606
|
2024-11-21 10:19 |
2010-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310563
|
- |
|
alex_kellner
|
powermail
|
Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3605
|
2024-11-21 10:19 |
2010-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310564
|
- |
|
alex_kellner
|
powermail
|
SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-3604
|
2024-11-21 10:19 |
2010-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310565
|
- |
|
sourcetreesolutions
|
mojoportal
|
Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService.ashx) in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote attackers to hijack the authentication of admin…
|
CWE-352
Origin Validation Error
|
CVE-2010-3603
|
2024-11-21 10:19 |
2010-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310566
|
- |
|
sourcetreesolutions
|
mojoportal
|
Cross-site scripting (XSS) vulnerability in ProfileView.aspx in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote attackers to inject arbitrary web script or HTML via the User ID parameter. NOTE: some of…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3602
|
2024-11-21 10:19 |
2010-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310567
|
- |
|
invisionpower
|
ibphotohost
|
SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows remote attackers to execute arbitrary SQL commands via the img parameter.
|
CWE-89
SQL Injection
|
CVE-2010-3601
|
2024-11-21 10:19 |
2010-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310568
|
5.9 |
MEDIUM
Network
|
owasp
|
enterprise_security_api_for_java
|
It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.
|
-
|
CVE-2010-3300
|
2024-11-21 10:18 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310569
|
3.3 |
LOW
Local
|
hp
redhat
fedoraproject
|
hp-ux_directory_server
redhat_directory_server
389_directory_server
directory_server
|
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2010-3282
|
2024-11-21 10:18 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310570
|
5.5 |
MEDIUM
Local
|
babiloo_project
debian
|
babiloo
debian_linux
|
babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files.
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2010-3440
|
2024-11-21 10:18 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
