Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-5036 | 1 Iscripts | 1 Eswap | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. | |||||
| CVE-2010-5039 | 1 Scriptsfeed | 1 Recipes Listing Portal | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5041 | 2 John Bradshaw, Nucleuscms | 2 Np Gallery Plugin, Nucleus | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action. | |||||
| CVE-2010-5042 | 2 Blueconstantmedia, Joomla | 2 Com Djartgallery, Joomla\! | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5043 | 2 Blueconstantmedia, Joomla | 2 Com Djartgallery, Joomla\! | 2017-08-28 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php. | |||||
| CVE-2010-5044 | 2 Joomla, Kanich | 2 Joomla\!, Com Searchlog | 2017-08-28 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5045 | 1 Sellatsite | 1 Smart Asp Survey | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter. | |||||
| CVE-2010-5047 | 1 V-eva | 1 Press Release Script | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5050 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in jsp/admin/tools/remote_share.jsp in ManageEngine ADManager Plus 4.4.0 allows remote attackers to inject arbitrary web script or HTML via the computerName parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-5055 | 1 Almnzm | 1 Almnzm | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5056 | 2 Gbu Grafici, Joomla | 2 Com Gbufacebook, Joomla\! | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. | |||||
| CVE-2010-5057 | 1 Alephsystem | 1 Cms Ariadna | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 allows remote attackers to execute arbitrary SQL commands via the tipodoc_id parameter. | |||||
| CVE-2010-5058 | 1 Alephsystem | 1 Cms Ariadna | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 allows remote attackers to execute arbitrary SQL commands via the res_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-5060 | 1 Internet-works | 1 Nus Newssystem | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Nus.php in NUs Newssystem 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5061 | 1 Rsstatic | 1 Rsstatic | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RSStatic allows remote attackers to execute arbitrary SQL commands via the maxarticles parameter. | |||||
| CVE-2010-5062 | 1 Mh Products | 1 Kleinanzeigenmarkt | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2010-5078 | 1 Silverstripe | 1 Silverstripe | 2017-08-28 | 5.0 MEDIUM | N/A |
| SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain version information via a direct request to (1) apphire/silverstripe_version or (2) cms/silverstripe_version. | |||||
| CVE-2010-5085 | 1 Hulihanapplications | 1 Amethyst | 2017-08-28 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site's configuration. | |||||
| CVE-2010-5088 | 1 Silverstripe | 1 Silverstripe | 2017-08-28 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in SilverStripe 2.3.x before 2.3.9 and 2.4.x before 2.4.3 allow remote attackers to hijack the authentication of administrators via destructive controller actions, a different vulnerability than CVE-2010-5087. | |||||
| CVE-2010-5095 | 1 Silverstripe | 1 Silverstripe | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before 2.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to DataObjectSet pagination. | |||||