Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK

2011-10-09 CVE-2010-4952 SQL Injection vulnerability in Joachim Ruhs Festat 0.1.6/0.1.8/0.1.9
SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
joachim-ruhs typo3 CWE-89
7.5

2011-10-09 CVE-2010-4951 Cross-Site Scripting vulnerability in Thomas Mammitzsch VX Xajax Shoutbox
Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3

2011-10-09 CVE-2010-4950 SQL Injection vulnerability in Joachim Ruhs Event
SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
joachim-ruhs typo3 CWE-89
7.5

2011-10-09 CVE-2010-4949 Cross-Site Scripting vulnerability in Evnix Freichat and Freichatpure
Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window.
network
evnix joomla CWE-79
4.3

2011-10-09 CVE-2010-4948 Code Injection vulnerability in PHPgalleryscript PHP Free Photo Gallery
PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
network
low complexity
phpgalleryscript CWE-94
7.5

2011-10-09 CVE-2010-4947 Cross-Site Scripting vulnerability in Allpcscript Allpc 2.5
Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
4.3

2011-10-09 CVE-2010-4946 SQL Injection vulnerability in Allpcscript Allpc 2.5
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
network
low complexity
allpcscript CWE-89
7.5

2011-10-09 CVE-2010-4945 SQL Injection vulnerability in Joomla COM Camelcitydb2 2.2
SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
network
low complexity
joomla CWE-89
7.5

2011-10-09 CVE-2010-4944 SQL Injection vulnerability in Joomla COM Elite Experts
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php.
network
low complexity
joomla mambo-foundation CWE-89
7.5

2011-10-09 CVE-2010-4943 Code Injection vulnerability in Brothersoft Saurus CMS 4.7.0
Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to execute arbitrary PHP code via a URL in the class_path parameter to (1) file.php or (2) com_del.php.
network
low complexity
brothersoft CWE-94
7.5