Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-09 | CVE-2010-4932 | Cross-Site Scripting vulnerability in Khader Abbeb Entrans Cross-site scripting (XSS) vulnerability in search.php in Entrans before 0.3.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | 4.3 |
2011-10-09 | CVE-2010-4930 | Cross-Site Scripting vulnerability in Atmail Webmail Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action. | 4.3 |
2011-10-09 | CVE-2010-4929 | SQL Injection vulnerability in Joostina-Cms COM Ezautos SQL injection vulnerability in the Joostina (com_ezautos) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php. | 7.5 |
2011-10-09 | CVE-2010-4928 | Cross-Site Scripting vulnerability in Photoindochina COM Restaurantguide 1.0.0 Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML by placing it after a > (greater than) character. | 4.3 |
2011-10-09 | CVE-2010-4927 | SQL Injection vulnerability in Photoindochina COM Restaurantguide 1.0.0 SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php. | 7.5 |
2011-10-09 | CVE-2010-4926 | SQL Injection vulnerability in Timetrack COM Timetrack 1.2.4 SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php. | 7.5 |
2011-10-09 | CVE-2010-4925 | SQL Injection vulnerability in Nuked-Klan Partenaires Module 1.5 SQL injection vulnerability in clic.php in the Partenaires module 1.5 for Nuked-Klan allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-10-09 | CVE-2010-4923 | SQL Injection vulnerability in Virtuenetz Virtue Book Store SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the bid parameter. | 7.5 |
2011-10-09 | CVE-2010-4922 | SQL Injection vulnerability in Allinta CMS 22.07.2010 Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow remote attackers to execute arbitrary SQL commands via the i parameter in an edit action to (1) contentAE.asp or (2) templatesAE.asp. | 7.5 |
2011-10-08 | CVE-2010-4921 | SQL Injection vulnerability in Dmxready Polling Booth Manager SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady Polling Booth Manager allows remote attackers to execute arbitrary SQL commands via the QuestionID parameter in a results action. | 7.5 |