Blog

CVE-2010-2004

Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a different vuln…


May 20, 2010 0

CVE-2010-1997

Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with “Article list” edit privileges, to inject arbitrary web script or HTML via the pealkiri parameter. (CVSS:2.1) (Last Update:2013-08-09)


May 20, 2010 0

CVE-2010-1554

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter. (CVSS:10.0) (Last Update:2018-10-11)


May 13, 2010 0

CVE-2010-1713

SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action. (CVSS:7.5) (Last Update:2013-08-28)


May 4, 2010 0

CVE-2010-1721

SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php. (CVSS:7.5) (…


May 4, 2010 0

CVE-2009-4817

Unrestricted file upload vulnerability in Element-IT Ultimate Uploader 1.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/. (CVSS:6.8) (La…


April 27, 2010 0

CVE-2010-1534

Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. (CVSS:5.0) (Last Update:2013-07-18)


April 26, 2010 0

CVE-2010-1491

Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. (CVSS:5….


April 23, 2010 0

CVE-2010-1354

Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from th…


April 12, 2010 0

CVE-2010-1350

SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. (CVSS:7.5) (Last Update:2013-08-02)


April 12, 2010 0