Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0688 | 1 Orbitals | 1 Orbital Viewer | 2017-08-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file. | |||||
| CVE-2010-0690 | 1 Commodityrentals | 1 Video Games Rentals | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action. | |||||
| CVE-2010-0693 | 1 Commodityrentals | 1 Trade Manager Script | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2010-0694 | 2 Joomla, Percha | 2 Joomla, Com Perchagallery | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php. | |||||
| CVE-2010-0697 | 2 Drupal, Ilya Ivanchenko | 2 Drupal, Itweak Upload | 2017-08-16 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x before 6.x-1.2 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users, with create content and upload file permissions, to inject arbitrary web script or HTML via the file name of an uploaded file. | |||||
| CVE-2010-0698 | 1 Dynamicsoft | 1 Wsc Cms | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0700 | 1 Wampserver | 1 Wampserver | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | |||||
| CVE-2010-0701 | 1 Newgensoft | 1 Omnidocs | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ForceChangePassword.jsp in Newgen Software OmniDocs allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0706 | 1 Subexworld | 1 Nikira Fraud Management System | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the login/prompt component in Subex Nikira Fraud Management System allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-2010-0707 | 1 Timeclock-software | 1 Employee Timeclock Software | 2017-08-16 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attackers to hijack the authentication of an administrator for requests that create new administrative users. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0708 | 1 Sun | 1 Java System Directory Server | 2017-08-16 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request. | |||||
| CVE-2010-0709 | 1 Limny | 1 Limny | 2017-08-16 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authentication of users or administrators for requests that change the email address or password via the user action to index.php, and (2) hijack the authentication of the administrator for requests that create a new user via the admin/modules/user/new action to limny/index.php. | |||||
| CVE-2010-0712 | 1 Zenoss | 1 Zenoss | 2017-08-16 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters. | |||||
| CVE-2010-0717 | 1 Moinmo | 1 Moinmoin | 2017-08-16 | 7.5 HIGH | N/A |
| The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors. | |||||
| CVE-2010-0718 | 1 Microsoft | 1 Windows Media Player | 2017-08-16 | 4.3 MEDIUM | N/A |
| Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file. | |||||
| CVE-2010-0719 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows 7 and 3 more | 2017-08-16 | 4.7 MEDIUM | N/A |
| An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application. | |||||
| CVE-2010-0720 | 1 Systemsoftware | 1 Erotik Auktionshaus | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-0721 | 1 Systemsoftware | 1 Auktionshaus Gelb | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-0722 | 1 Mhproducts | 1 Php Auktion Pro | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-0723 | 1 Mhproducts | 1 Ero Auktion | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||