Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
itsecteam vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2010-1662
Cross-site scripting (XSS) vulnerability in acpmoderate.php in PHP-Quick-Arcade (PHPQA) 3.0.21 allows remote malicious users to inject arbitrary web script or HTML via the serv parameter.
Jcink Php-quick-arcade 3.0.21
1 EDB exploit
755
VMScore
CVE-2010-5083
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
Phpnuke Php-nuke 8.0
Phpnuke Web Links Module -
1 EDB exploit
685
VMScore
CVE-2010-1351
Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _nodesforum_path_from_here_to_nodesforum_folder parameter to erase_user_data.php and...
Nodesforum Nodesforum 1.033
Nodesforum Nodesforum 1.045
1 EDB exploit
685
VMScore
CVE-2010-1528
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the content parameter.
Uiga Proxy
1 EDB exploit
755
VMScore
CVE-2010-1661
Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote malicious users to execute arbitrary SQL commands via the (1) phpqa_user_c parameter to Arcade.php and the (2) id parameter to acpmoderate.php.
Jcink Php-quick-arcade 3.0.21
1 EDB exploit
435
VMScore
CVE-2010-1712
Multiple cross-site scripting (XSS) vulnerabilities in base/Comments.php in Webmobo WB News 2.3.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name and possibly (2) message parameters. NOTE: some of these details are obtained from third party in...
Webmobo Wbnews 2.3.3
1 EDB exploit
515
VMScore
CVE-2010-0967
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-gree...
Geekhelps Admp 1.01
1 EDB exploit
755
VMScore
CVE-2010-0968
SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote malicious users to execute arbitrary SQL commands via the click parameter.
Geekhelps Admp 1.01
1 EDB exploit
215
VMScore
CVE-2010-0971
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) Choice fields in tools/polls/add.php, the (3) Type and (4) Title fields in tools/g...
Atutor Atutor 1.6.4
1 EDB exploit
435
VMScore
CVE-2010-1042
Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the provenance of this information is unknown;...
Microsoft Windows Media Player 11.0.5721.5145
Microsoft Windows Media Player 11.0.6000.6324
Microsoft Windows Media Player 11
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »