|
346971
|
- |
|
magnoware
|
datatrack_system
|
DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and read arbitrary files, via a trailing backslash in a URI, as demonstrated by (1) web.config\ and (2…
|
CWE-20
Improper Input Validation
|
CVE-2010-2079
|
2017-08-17 10:32 |
2010-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346972
|
- |
|
ibm
|
communications_server
|
The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attack…
|
CWE-20
Improper Input Validation
|
CVE-2010-2090
|
2017-08-17 10:32 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346973
|
- |
|
pacifictimesheet
|
pacific_timesheet
|
Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74 build 363 allows remote attackers to hijack the authentication of administrators for requests that create…
|
CWE-352
Origin Validation Error
|
CVE-2010-2111
|
2017-08-17 10:32 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346974
|
- |
|
uniformserver
|
uniformserver
|
Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow remote attackers to hijack the authentication of administrators for requests that change passwords via (1)…
|
CWE-352
Origin Validation Error
|
CVE-2010-2113
|
2017-08-17 10:32 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346975
|
- |
|
speedtech
|
storm
|
Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2123
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346976
|
- |
|
bartels-schoene
|
conpresso
|
SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2124
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346977
|
- |
|
systemseed
|
rotor
|
Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 and 6.x before 6.x-2.5 for Drupal allow remote authenticated users, with "create rotor item" or "edit…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2125
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346978
|
- |
|
snipegallery
|
snipe_gallery
|
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php…
|
CWE-94
Code Injection
|
CVE-2010-2126
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346979
|
- |
|
jv2design
|
jv2_folder_gallery
|
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter.
|
CWE-94
Code Injection
|
CVE-2010-2127
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346980
|
- |
|
harmistechnology
|
com_jequoteform
|
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via…
|
CWE-22
Path Traversal
|
CVE-2010-2128
|
2017-08-17 10:32 |
2010-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
