|
347001
|
- |
|
masa2el
|
music_city
|
SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a singer action.
|
CWE-89
SQL Injection
|
CVE-2010-1047
|
2017-08-17 10:32 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347002
|
- |
|
zentracking
|
zen_time_tracking
|
Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) p…
|
CWE-89
SQL Injection
|
CVE-2010-1053
|
2017-08-17 10:32 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347003
|
- |
|
tufat
|
osdate
|
Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to execute arbitrary PHP code v…
|
CWE-94
Code Injection
|
CVE-2010-1055
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347004
|
- |
|
rockettheme
|
com_rokdownloads
|
Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in …
|
CWE-22
Path Traversal
|
CVE-2010-1056
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347005
|
- |
|
phpkobo
|
adfreely
|
Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via…
|
CWE-22
Path Traversal
|
CVE-2010-1057
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347006
|
- |
|
phpkobo
|
address_book_script
|
Directory traversal vulnerability in codelib/cfg/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local …
|
CWE-22
Path Traversal
|
CVE-2010-1058
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347007
|
- |
|
aspindir
|
erolife_ajxgaleri_vt
|
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1064
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347008
|
- |
|
lebisoft
|
ziyaretci_defteri
|
Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1065
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347009
|
- |
|
the-ghost
|
ar_web_content_manager
|
AR Web Content Manager (AWCM) 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for contr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1066
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347010
|
- |
|
hasmir_alic
|
e-membres
|
E-membres 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/bdEMembres.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1067
|
2017-08-17 10:32 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
