Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-02-11 | CVE-2010-0613 | Path Traversal vulnerability in Arwscripts Fonts Script Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers to read arbitrary local files via directory traversal sequences in a base64-encoded f parameter. | 5.0 |
2010-02-11 | CVE-2010-0612 | Unspecified vulnerability in Dmanager Documentmanager Unspecified vulnerability in DocumentManager before 4.0 has unknown impact and attack vectors, related to file rights. | 7.5 |
2010-02-11 | CVE-2010-0611 | SQL Injection vulnerability in Baalsystems Baal Systems 3.6/3.7 Multiple SQL injection vulnerabilities in adminlogin.php in Baal Systems 3.8 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.5 |
2010-02-11 | CVE-2010-0610 | SQL Injection vulnerability in Webguerilla COM Photoblog Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. | 7.5 |
2010-02-11 | CVE-2010-0609 | SQL Injection vulnerability in Novaboard 1.1.2 SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the nova_name cookie parameter. | 7.5 |
2010-02-11 | CVE-2010-0608 | SQL Injection vulnerability in Novaboard 1.1.2 SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter in a search action. | 7.5 |
2010-02-11 | CVE-2010-0607 | Cross-Site Scripting vulnerability in Sterlitetechnologies Sam300 AX Router Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the Stat_Radio parameter. | 4.3 |
2010-02-11 | CVE-2010-0606 | Cross-Site Scripting vulnerability in Osticket Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related to an error message generated by scp/admin.php. | 3.5 |
2010-02-11 | CVE-2010-0605 | SQL Injection vulnerability in Osticket SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter. | 7.5 |
2010-02-11 | CVE-2010-0445 | Unspecified vulnerability in HP Network Node Manager Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, 8.12, and 8.13 allows remote attackers to execute arbitrary commands via unknown vectors. | 10.0 |