Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4921 | 1 Dmxready | 1 Polling Booth Manager | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady Polling Booth Manager allows remote attackers to execute arbitrary SQL commands via the QuestionID parameter in a results action. | |||||
| CVE-2010-4925 | 1 Nuked-klan | 2 Nuked-klan, Partenaires Module | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in clic.php in the Partenaires module 1.5 for Nuked-Klan allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4940 | 1 Wanewsletter | 1 Wanewsletter | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4942 | 1 E-xoopport | 1 Samsara | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter. | |||||
| CVE-2010-4944 | 2 Joomla, Mambo-foundation | 3 Com Elite Experts, Joomla\!, Mambo | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php. | |||||
| CVE-2010-4945 | 1 Joomla | 2 Com Camelcitydb2, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2010-4949 | 2 Evnix, Joomla | 3 Freichat, Freichatpure, Joomla\! | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window. | |||||
| CVE-2010-4952 | 2 Joachim Ruhs, Typo3 | 2 Festat, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4953 | 2 Jw Calendar, Typo3 | 2 Jw Calendar, Typo3 | 2017-08-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2010-4954 | 1 Gambio | 1 Xt\ | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | |||||
| CVE-2010-4955 | 1 Php-programs | 1 Apboard Developers Apboard | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078. | |||||
| CVE-2010-4956 | 2 Nadine Schwingler, Typo3 | 2 Ke Questionnaire, Typo3 | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4957 | 2 Nadine Schwingler, Typo3 | 2 Ke Questionnaire, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4959 | 1 Preproject | 1 Pre Podcast Portal | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2010-4960 | 2 Martin Hesse, Typo3 | 2 Mh Branchenbuch, Typo3 | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka Yellow Pages or mh_branchenbuch) extension before 0.9.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4961 | 2 Dev-team Typoheads, Typo3 | 2 Webkitpdf, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4962 | 2 Dev-team Typoheads, Typo3 | 2 Webkitpdf, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2010-4967 | 1 Atcom | 1 Netvolution | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter. | |||||
| CVE-2010-4971 | 2 Joomla, Videowhisper | 2 Joomla\!, Php 2 Way Video Chat | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php. | |||||
| CVE-2010-4972 | 1 Ypninc | 1 Jokescript | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter. | |||||
| CVE-2010-4974 | 1 Brotherscripts | 1 Auto Dealer | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4975 | 2 Joomla, Techjoomla | 2 Joomla\!, Com Socialads | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php. | |||||
| CVE-2010-4976 | 1 Metinfo | 1 Metinfo | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4978 | 1 Nicholas Berry | 1 Candid | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter. | |||||
| CVE-2010-4979 | 1 Nicholas Berry | 1 Candid | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter. | |||||
| CVE-2010-4981 | 1 Yourfreeworld | 1 Banner Management | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4982 | 1 Mykazaam | 1 Address \& Contact Organizer | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter. | |||||
| CVE-2010-4984 | 1 Mykazaam | 1 Notes Management System | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box. | |||||
| CVE-2010-4985 | 1 Mykazaam | 1 Notes Management System | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box. | |||||
| CVE-2010-4987 | 1 Kmsoft | 1 Guestbook | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
| CVE-2010-4988 | 1 Familycms | 1 Family Connections Who Is Chatting | 2017-08-29 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter. | |||||
| CVE-2010-4989 | 1 Farsi-cms | 1 Ziggurat Farsi Cms | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter. | |||||
| CVE-2010-4990 | 2 B-elektro, Joomla | 2 Com Addressbook, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. | |||||
| CVE-2010-4991 | 2 Joomla, Ninjaforge | 2 Joomla\!, Ninjamonials | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php. | |||||
| CVE-2010-4992 | 2 Joomla, Paymentsplus | 2 Joomla\!, Payments Plus | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | |||||
| CVE-2010-4993 | 2 Joomla, Kay Messerschmidt | 2 Joomla\!, Com Eventcal | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2010-4994 | 2 Instantphp, Joomla | 2 Jobs Pro, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | |||||
| CVE-2010-4995 | 2 Joomla, Neojoomla | 2 Joomla\!, Com Neorecruit | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506. | |||||
| CVE-2010-4996 | 1 Esoftpro | 1 Online Guestbook Pro | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2010-4999 | 1 Esoftpro | 1 Online Photo Pro | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter. | |||||
| CVE-2010-5001 | 1 Esoftpro | 1 Online Contact Manager | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5003 | 2 Autartica, Joomla | 2 Com Autartimonial, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5007 | 1 Ut-files | 1 Utstats | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pages/match_report.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter. | |||||
| CVE-2010-5009 | 1 Ut-files | 1 Utstats | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action. | |||||
| CVE-2010-5010 | 1 Schoolmation | 1 Schoolmation | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to inject arbitrary web script or HTML via the session parameter. | |||||
| CVE-2010-5011 | 1 Schoolmation | 1 Schoolmation | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter. | |||||
| CVE-2010-5012 | 1 David Noguera Gutierrez | 1 Dalogin | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5013 | 1 Mckenziecreations | 1 Virtual Real Estate Manager | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter. | |||||
| CVE-2010-5014 | 1 Eliteladders | 1 Elite Gaming Ladders | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter. | |||||
| CVE-2010-5015 | 1 2daybiz | 1 Network Community Script | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | |||||