Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2013-0118 CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by settin... | N/A | NONE | β | 0 |
| CVE-2010-4994 SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | N/A | NONE | β | 0 |
| CVE-2010-4995 SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to... | N/A | NONE | β | 0 |
| CVE-2010-4996 SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | N/A | NONE | β | 0 |
| CVE-2010-4999 SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter. | N/A | NONE | β | 0 |
| CVE-2010-5001 SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | N/A | NONE | β | 0 |
| CVE-2013-0120 The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request. | N/A | NONE | β | 0 |
| CVE-2010-5002 Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter. | N/A | NONE | β | 0 |
| CVE-2010-5003 SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial a... | N/A | NONE | β | 0 |
| CVE-2011-1918 Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service ... | N/A | NONE | β | 0 |
| CVE-2011-1919 Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash)... | N/A | NONE | β | 0 |
| CVE-2011-3165 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208. | N/A | NONE | β | 0 |
| CVE-2011-3166 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209. | N/A | NONE | β | 0 |
| CVE-2011-3167 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210. | N/A | NONE | β | 0 |
| CVE-2011-3320 Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML... | N/A | NONE | β | 0 |
| CVE-2011-4074 Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command. | N/A | NONE | β | 0 |
| CVE-2011-4075 The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine acti... | N/A | NONE | β | 0 |
| CVE-2010-4971 Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php. | N/A | NONE | β | 0 |
| CVE-2010-4997 SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter in a product action. | N/A | NONE | β | 0 |
| CVE-2010-4998 PHP remote file inclusion vulnerability in ardeaCore/lib/core/ardeaInit.php in ardeaCore PHP Framework 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the pathForArdeaCore param... | N/A | NONE | β | 0 |
| CVE-2010-5000 SQL injection vulnerability in login/login_index.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter (aka Username field) in a do_l... | N/A | NONE | β | 0 |
| CVE-2010-5004 SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | N/A | NONE | β | 0 |
| CVE-2010-5005 Cross-site scripting (XSS) vulnerability in members/profileCommentsResponse.php in Rayzz Photoz allows remote attackers to inject arbitrary web script or HTML via the profileCommentTextArea parameter.... | N/A | NONE | β | 0 |
| CVE-2010-5006 SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter. | N/A | NONE | β | 0 |
| CVE-2010-5007 Cross-site scripting (XSS) vulnerability in pages/match_report.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter. | N/A | NONE | β | 0 |
| CVE-2010-5008 SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote attackers to execute arbitrary SQL commands via the ContactID parameter. | N/A | NONE | β | 0 |
| CVE-2010-5009 SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action. | N/A | NONE | β | 0 |
| CVE-2010-5010 Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to inject arbitrary web script or HTML via the session parameter. | N/A | NONE | β | 0 |
| CVE-2010-5011 SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter. | N/A | NONE | β | 0 |
| CVE-2010-5012 SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third par... | N/A | NONE | β | 0 |
| CVE-2010-5013 SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter. | N/A | NONE | β | 0 |
| CVE-2010-5014 SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter. | N/A | NONE | β | 0 |
| CVE-2010-5015 SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | N/A | NONE | β | 0 |
| CVE-2010-5016 SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter. | N/A | NONE | β | 0 |
| CVE-2010-5017 SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter. | N/A | NONE | β | 0 |
| CVE-2010-5018 Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid paramete... | N/A | NONE | β | 0 |
| CVE-2010-5019 SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | N/A | NONE | β | 0 |
| CVE-2010-5020 SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | N/A | NONE | β | 0 |
| CVE-2010-5021 SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter. | N/A | NONE | β | 0 |
| CVE-2010-5022 SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | N/A | NONE | β | 0 |
| CVE-2010-5023 SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter. | N/A | NONE | β | 0 |
| CVE-2010-5024 SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter.... | N/A | NONE | β | 0 |
| CVE-2010-5025 Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote attackers to inject arbitrary web script or HTML via the fld_path parameter. NOTE: some of th... | N/A | NONE | β | 0 |
| CVE-2010-5026 SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these detai... | N/A | NONE | β | 0 |
| CVE-2010-5027 Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. NOTE: s... | N/A | NONE | β | 0 |
| CVE-2010-5028 SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index... | N/A | NONE | β | 0 |
| CVE-2010-5029 SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action. | N/A | NONE | β | 0 |
| CVE-2010-5030 Cross-site scripting (XSS) vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the lang parameter in a web action. | N/A | NONE | β | 0 |
| CVE-2010-5031 Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 allows remote attackers to inject arbitrary web script or HTML via the sstring parameter (aka the Search Box). NOTE: some of thes... | N/A | NONE | β | 0 |
| CVE-2012-6621 Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custo... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.