Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-08 | CVE-2010-4914 | Code Injection vulnerability in Deltascripts PHP Classifieds 7.3 PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter. | 7.5 |
2011-10-08 | CVE-2010-4913 | Cross-Site Scripting vulnerability in Coldgen Coldusergroup 1.06 Cross-site scripting (XSS) vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. | 4.3 |
2011-10-08 | CVE-2010-4912 | SQL Injection vulnerability in Discuz Ucenter Home 2.0 SQL injection vulnerability in shop.php in UCenter Home 2.0 allows remote attackers to execute arbitrary SQL commands via the shopid parameter in a view action. | 7.5 |
2011-10-08 | CVE-2010-4911 | SQL Injection vulnerability in Sellatsite PHP Classifieds ADS SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to execute arbitrary SQL commands via the sid parameter. | 7.5 |
2011-10-08 | CVE-2010-4910 | SQL Injection vulnerability in Coldgen Coldcalendar 2.06 SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action. | 7.5 |
2011-10-08 | CVE-2010-4909 | Cross-Site Scripting vulnerability in Mechbunny Paysitereviewcms 1.1 Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to search.php or the (2) image parameter to image.php. | 4.3 |
2011-10-08 | CVE-2010-4908 | SQL Injection vulnerability in Virtuenetz Virtue Shopping Mall SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the prodid parameter. | 7.5 |
2011-10-08 | CVE-2010-4907 | Cross-Site Scripting vulnerability in Zenphoto 1.3 Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter. | 4.3 |
2011-10-08 | CVE-2010-4906 | SQL Injection vulnerability in Zenphoto 1.3/1.3.1.2 SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote attackers to execute arbitrary SQL commands via the a parameter. | 7.5 |
2011-10-08 | CVE-2010-4905 | SQL Injection vulnerability in Softbizscripts Article Directory Script SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter. | 7.5 |