Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-08 | CVE-2010-4904 | SQL Injection vulnerability in Simon Philips COM Aardvertiser 2.1/2.1.1 SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. | 7.5 |
2011-10-08 | CVE-2010-4903 | SQL Injection vulnerability in Cubecart 4.3.3 SQL injection vulnerability in index.php in CubeCart 4.3.3 allows remote attackers to execute arbitrary SQL commands via the searchStr parameter. | 7.5 |
2011-10-08 | CVE-2010-4902 | SQL Injection vulnerability in Joomla-Clantools Clantools Comclantools Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php. | 7.5 |
2011-10-08 | CVE-2010-4901 | Cross-Site Scripting vulnerability in Squiz Mysource Matrix 3.28.3 Multiple cross-site scripting (XSS) vulnerabilities in char_map.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the (1) height or (2) width parameter. | 4.3 |
2011-10-08 | CVE-2010-4900 | Improper Input Validation vulnerability in Webmanager-Pro CMS Webmanager-Pro 7.4.3 Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | 5.8 |
2011-10-08 | CVE-2010-4899 | SQL Injection vulnerability in Webmanager-Pro CMS Webmanager-Pro SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-10-08 | CVE-2010-4898 | SQL Injection vulnerability in Gantry-Framework COM Gantry 3.0.10 SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php. | 7.5 |
2011-10-08 | CVE-2010-4897 | SQL Injection vulnerability in Bluecms Project Bluecms 1.6 SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action. | 7.5 |
2011-10-08 | CVE-2010-4896 | Cross-Site Scripting vulnerability in Expinion.Net Member Management System 4.0 Cross-site scripting (XSS) vulnerability in admin/index.asp in Member Management System 4.0 allows remote attackers to inject arbitrary web script or HTML via the REF_URL parameter. | 4.3 |
2011-10-08 | CVE-2010-4895 | Cross-Site Scripting vulnerability in Chillycms 1.1.3 Cross-site scripting (XSS) vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the username field). | 4.3 |