95 matches found
CVE-2009-0810
The vulnerability CVE-2009-0810 affects xGuestbook 2.0, specifically the login.php component where the user parameter is used in a way that permits SQL injection. The advisory states that remote attackers can cause arbitrary SQL commands to execute, indicating a classic injection in authenticatio...
CVE-2009-0810
creationtimestamp| type| source ---|---|--- 2009-02-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8101...
CVE-2008-0810
CVE-2008-0810 describes an SQL injection in Joomla!/Mambo's com_scheduling module, exploitable via the id parameter to allow remote execution of SQL commands. The vulnerability targets the web application layer and can impact confidentiality, integrity, and availability by enabling attacker-contr...
CVE-2007-0810
PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the glConfpathlibraries parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerability in GeekLog...
CVE-2007-0810
CVE-2007-0810 describes a PHP remote file inclusion in GeekLog 2 and earlier via glConf[path_libraries] in MVCnPHP/BaseView.php, allowing remote execution of PHP code by supplying a URL. The vulnerability’s root cause is a file inclusion flaw that can process an attacker-supplied URL, with impact...
CVE-2006-0810
Skate Board 0.9 is affected by CVE-2006-0810 via a PHP code injection vulnerability in config.php. Remote authenticated administrators can modify variables in config.php, potentially enabling arbitrary PHP code execution. This is described as a vulnerability in Skate Board 0.9 related to config.p...
CVE-2005-0810
CVE-2005-0810: NotifyLink contains SQL injection vulnerabilities affecting NotifyLink Server (pre-3.0). Unauthenticated remote attackers can append SQL via various URLs to view/modify the NotifyLink SQL database; impact includes unauthorized user creation, password changes, and data exposure. The...
CVE-2004-0810
The CVE-2004-0810 entry concerns Timbuktu by Netopia (server component) version 7.0.3. A remote buffer overflow can be triggered by sending a crafted data string to multiple concurrent connections on TCP port 407, causing the Timbuktu server process to crash (DoS). The issue arises because the se...
CVE-2002-0810
Bugzilla 2.14 before 2.14.2 and 2.16 before 2.16rc2 contains an information leakage vulnerability in the syncshadowdb command. Error messages are written to HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails. Affected versions should be updat...
CVE-2002-0810
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails...
CVE-2000-0810
Auction Weaver (LITE) versions 1.0–1.04 suffer a form-field name validation flaw that allows remote attackers to delete arbitrary files and directories via a dot-dot path traversal. The underlying issue is improper validation of input names, enabling remote exploitation without authentication. Im...
CVE-2000-0810
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. dot dot attack...
CVE-2000-0810
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. dot dot attack...
CVE-1999-0810
Concrete details exist: CVE-1999-0810 affects Samba with DoS in the NETBIOS name service daemon (nmbd). OpenVAS data references Samba
CVE-1999-0810
Denial of service in Samba NETBIOS name service daemon nmbd...