Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2010-1494 Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | N/A | NONE | — | 0 |
| CVE-2010-1495 Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | N/A | NONE | — | 0 |
| CVE-2010-1496 SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. | N/A | NONE | — | 0 |
| CVE-2010-1497 Cross-site scripting (XSS) vulnerability in download_proc.php in dl_stats before 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | N/A | NONE | — | 0 |
| CVE-2010-1498 Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) download.php and (2) view_file.php. | N/A | NONE | — | 0 |
| CVE-2010-1499 SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | N/A | NONE | — | 0 |
| CVE-2010-1500 Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error." | N/A | NONE | — | 0 |
| CVE-2026-3392 A weakness has been identified in FascinatedBox lily up to 2.3. The affected element is the function eval_tree of the file src/lily_emitter.c. This manipulation causes null pointer dereference. The at... | 3.3 | LOW | — | 0 |
| CVE-2010-1502 Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools." | N/A | NONE | — | 0 |
| CVE-2010-1503 Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI. | N/A | NONE | — | 0 |
| CVE-2010-1504 Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI. | N/A | NONE | — | 0 |
| CVE-2010-1505 Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors. | N/A | NONE | — | 0 |
| CVE-2026-3404 A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation... | 5.0 | MEDIUM | — | 0 |
| CVE-2010-1506 The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors. | N/A | NONE | — | 0 |
| CVE-2010-1528 PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the content paramete... | N/A | NONE | — | 0 |
| CVE-2010-1529 SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action... | N/A | NONE | — | 0 |
| CVE-2010-1530 Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks pri... | N/A | NONE | — | 0 |
| CVE-2010-1531 Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | N/A | NONE | — | 0 |
| CVE-2010-1532 Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact ... | N/A | NONE | — | 0 |
| CVE-2010-1533 Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | N/A | NONE | — | 0 |
| CVE-2010-1534 Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | N/A | NONE | — | 0 |
| CVE-2010-1535 Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (do... | N/A | NONE | — | 0 |
| CVE-2010-1536 Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to inj... | N/A | NONE | — | 0 |
| CVE-2010-1537 Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_global parameter to (1) firstv... | N/A | NONE | — | 0 |
| CVE-2010-1538 SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | N/A | NONE | — | 0 |
| CVE-2010-1539 Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x before 5.x-2.6 and 6.x-1.x before 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users to... | N/A | NONE | — | 0 |
| CVE-2010-1540 Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. NOTE:... | N/A | NONE | — | 0 |
| CVE-2010-1541 Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity param... | N/A | NONE | — | 0 |
| CVE-2010-1542 Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for reques... | N/A | NONE | — | 0 |
| CVE-2010-1543 Cross-site scripting (XSS) vulnerability in the eTracker module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML by appending a crafted string to an arbitrary U... | N/A | NONE | — | 0 |
| CVE-2010-1544 micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80. | N/A | NONE | — | 0 |
| CVE-2009-4811 VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 befo... | N/A | NONE | — | 0 |
| CVE-2009-4812 Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message. | N/A | NONE | — | 0 |
| CVE-2009-4813 Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBulletinBoard) 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a donate action. | N/A | NONE | — | 0 |
| CVE-2009-4814 Cross-site scripting (XSS) vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script. | N/A | NONE | — | 0 |
| CVE-2009-4815 Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | N/A | NONE | — | 0 |
| CVE-2009-4816 Directory traversal vulnerability in api/download_checker.php in MegaLab The Uploader 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | N/A | NONE | — | 0 |
| CVE-2009-4817 Unrestricted file upload vulnerability in Element-IT Ultimate Uploader 1.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a d... | N/A | NONE | — | 0 |
| CVE-2009-4818 Unrestricted file upload vulnerability in upload.php in PHPSimplicity Simplicity oF Upload 1.3.2 allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, as d... | N/A | NONE | — | 0 |
| CVE-2009-4819 Multiple unrestricted file upload vulnerabilities in upload.php in PHPhotoalbum allow remote attackers to execute arbitrary code by uploading a file with a (1) .php.pgif or (2) .php.pjpeg double exten... | N/A | NONE | — | 0 |
| CVE-2009-4820 Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb. | N/A | NONE | — | 0 |
| CVE-2009-4821 The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (... | N/A | NONE | — | 0 |
| CVE-2009-4822 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kasseler CMS 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) do, (2) id, and (3) uname parameters. | N/A | NONE | — | 0 |
| CVE-2009-4823 Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter. | N/A | NONE | — | 0 |
| CVE-2009-4824 Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form." | N/A | NONE | — | 0 |
| CVE-2009-4825 8pixel.net Blog 4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for App_Data/sb.mdb. | N/A | NONE | — | 0 |
| CVE-2009-4826 Cross-site request forgery (CSRF) vulnerability in hosting/admin_ac.php in ScriptsEz Mini Hosting Panel allows remote attackers to hijack the authentication of administrators for requests that alter a... | N/A | NONE | — | 0 |
| CVE-2009-4827 Cross-site request forgery (CSRF) vulnerability in admin.php in Mail Manager Pro allows remote attackers to hijack the authentication of administrators for requests that change the admin password via ... | N/A | NONE | — | 0 |
| CVE-2009-4828 Cross-site request forgery (CSRF) vulnerability in administration/admins.php in Ad Manager Pro (aka AdManagerPro) 3.0 allows remote attackers to hijack the authentication of administrators for request... | N/A | NONE | — | 0 |
| CVE-2026-3710 A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument flight... | 4.7 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.