Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-07 | CVE-2010-4885 | Cross-Site Scripting vulnerability in Peter Proell Xing 1.0.0 Cross-site scripting (XSS) vulnerability in the XING Button (xing) extension before 1.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-10-07 | CVE-2010-4884 | Code Injection vulnerability in Hinnendahl Gaestebuch 1.2 PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaestebuch 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter. | 7.5 |
2011-10-07 | CVE-2010-4882 | Cross-Site Scripting vulnerability in Ventics Auto CMS 1.6 Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter. | 4.3 |
2011-10-07 | CVE-2010-4881 | Cross-Site Request Forgery (CSRF) vulnerability in Apphp Calendar Multiple cross-site request forgery (CSRF) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP CAL) allow remote attackers to hijack the authentication of unspecified victims for requests that use the (1) category_name, (2) category_description, (3) event_name, or (4) event_description parameter. | 6.8 |
2011-10-07 | CVE-2010-4880 | Cross-Site Scripting vulnerability in Apphp Calendar Multiple cross-site scripting (XSS) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP CAL) allow remote attackers to inject arbitrary web script or HTML via the (1) category_name, (2) category_description, (3) event_name, or (4) event_description parameter. | 4.3 |
2011-10-07 | CVE-2010-4879 | Code Injection vulnerability in Digitaljunkies Dompdf 0.6.0 PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the input_file parameter. | 7.5 |
2011-10-07 | CVE-2010-4878 | Code Injection vulnerability in Hinnendahl Kontakt Formular 1.1 PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter. | 7.5 |
2011-10-07 | CVE-2010-4877 | Cross-Site Scripting vulnerability in Insanevisions Onecms 2.6.1 Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the view parameter. | 4.3 |
2011-10-07 | CVE-2010-4876 | SQL Injection vulnerability in Mblogger Project Mblogger 1.0.04 SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter. | 7.5 |
2011-10-07 | CVE-2010-4875 | Cross-Site Scripting vulnerability in Xondie Vodpod Video Gallery 3.1.5 Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vodpod Video Gallery Plugin 3.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the gid parameter. | 4.3 |