Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1660 | 1 Clscript | 1 Clscript Classifieds Script | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in help-details.php in CLScript Classifieds Script allows remote attackers to execute arbitrary SQL commands via the hpId parameter. | |||||
| CVE-2010-1661 | 1 Jcink | 1 Php-quick-arcade | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote attackers to execute arbitrary SQL commands via the (1) phpqa_user_c parameter to Arcade.php and the (2) id parameter to acpmoderate.php. | |||||
| CVE-2010-1662 | 1 Jcink | 1 Php-quick-arcade | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in acpmoderate.php in PHP-Quick-Arcade (PHPQA) 3.0.21 allows remote attackers to inject arbitrary web script or HTML via the serv parameter. | |||||
| CVE-2010-1667 | 1 Mahara | 1 Mahara | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-1668 | 1 Mahara | 1 Mahara | 2017-08-16 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2010-1669 | 1 Mahara | 1 Mahara | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1677 | 1 Mhonarc | 1 Mhonarc | 2017-08-16 | 5.0 MEDIUM | N/A |
| MHonArc 2.6.16 allows remote attackers to cause a denial of service (CPU consumption) via start tags that are placed within other start tags, as demonstrated by a <bo<bo<bo<bo<body>dy>dy>dy>dy> sequence, a different vulnerability than CVE-2010-4524. | |||||
| CVE-2010-1679 | 1 Debian | 1 Dpkg | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package. | |||||
| CVE-2010-1688 | 1 2brightsparks | 1 Syncback | 2017-08-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20.0, and possibly other versions before 3.2.21, allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) .sps or (2) zip profile. | |||||
| CVE-2010-1693 | 1 Openfabrics | 1 Enterprise Distribution | 2017-08-16 | 6.3 MEDIUM | N/A |
| openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file. | |||||
| CVE-2010-1702 | 1 Whmcs | 1 Whmcs | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in submitticket.php in WHMCompleteSolution (WHMCS) 4.2 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | |||||
| CVE-2010-1703 | 1 2daybiz | 1 Polls Script | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index_search.php in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to inject arbitrary web script or HTML via the (1) category parameter or (2) search field. | |||||
| CVE-2010-1704 | 1 2daybiz | 1 Polls Script | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to execute arbitrary SQL commands via (1) the password field to login.php, (2) the login field (aka email parameter) to login.php, (3) the password field (aka pass parameter) to the default URI under admin/, and possibly (4) the login field to the default URI under admin/. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1706 | 1 2daybiz | 1 Auction Script | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1708 | 1 Freerealty.rwcinc | 1 Free Realty | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter). | |||||
| CVE-2010-1709 | 1 G5-scripts | 1 Auto-img-gallery | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in upload.cgi in G5-Scripts Auto-Img-Gallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pass parameters. | |||||
| CVE-2010-1710 | 1 Ramoncastro | 1 Siestta | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the idioma parameter. | |||||
| CVE-2010-1711 | 1 Ramoncastro | 1 Siestta | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in carga_foto_al.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the usuario parameter. | |||||
| CVE-2010-1712 | 1 Webmobo | 1 Wbnews | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in base/Comments.php in Webmobo WB News 2.3.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name and possibly (2) message parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1713 | 1 Postnuke | 1 Postnuke | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action. | |||||