Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1714 | 2 Dev.pucit.edu.pk, Joomla | 2 Com Arcadegames, Joomla\! | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-1715 | 2 Joomla, Pucit.edu | 2 Joomla\!, Com Onlineexam | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1716 | 2 Joomla, Joomlanetprojects | 2 Joomla\!, Com Agenda | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2010-1719 | 2 Joomla, Moto-treks | 2 Joomla\!, Com Mtfireeagle | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-1720 | 2 Joomla, Qproje | 2 Joomla\!, Com Qpersonel | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php. | |||||
| CVE-2010-1721 | 2 Joomla, Thethinkery | 2 Joomla\!, Com Iproperty | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php. | |||||
| CVE-2010-1722 | 2 Dev.pucit.edu.pk, Joomla | 2 Com Market, Joomla\! | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-1725 | 1 Alibabaclone | 1 Alibaba Clone Platinum | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1726 | 1 Alibabaclone | 1 Ec21 Clone | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1727 | 1 Aspsiteware | 1 Jobpost | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in type.asp in JobPost 1.0 allows remote attackers to execute arbitrary SQL commands via the iType parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1733 | 1 Ocsinventory-ng | 1 Ocs Inventory Ng | 2017-08-16 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via (1) multiple inventory fields to the search form, reachable through index.php; or (2) the "Software name" field to the "All softwares" search form, reachable through index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-1736 | 1 Aspindir | 1 Krm Haber | 2017-08-16 | 5.0 MEDIUM | N/A |
| KrM Haber 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for d_atabase/Krmdb.mdb. | |||||
| CVE-2010-1739 | 1 Joomla | 2 Com Newsfeeds, Joomla\! | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php. | |||||
| CVE-2010-1740 | 1 Freeguppy | 1 Guppy | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows remote attackers to execute arbitrary SQL commands via the lng parameter. | |||||
| CVE-2010-1741 | 1 Billwerx | 1 Billwerx Rc | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in request_account.php in Billwerx RC 5.2.2 PL2 allows remote attackers to execute arbitrary SQL commands via the primary_number parameter. | |||||
| CVE-2010-1742 | 1 Satyadeep | 1 Scratcher | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in projects.php in Scratcher allows remote attackers to inject arbitrary web script or HTML via the show parameter. | |||||
| CVE-2010-1743 | 1 Satyadeep | 1 Scratcher | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1744 | 1 Alibabaclone | 1 B2b Gold Script | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1746 | 2 Joomla, Toolsjx | 2 Joomla\!, Com Grid | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php. | |||||
| CVE-2010-1855 | 1 Phpscripte24 | 1 Pay Per Watch \& Bid Auktions System | 2017-08-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | |||||