Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php....
Cross-site scripting (XSS) vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter. Date published : 2010-03-23 http://www.securityfocus.com/bid/38356 http://packetstormsecurity.org/1002-exploits/pulsecms-xss.txt
Cross-site scripting (XSS) vulnerability in Sawmill before 7.2.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2010-03-23 http://www.securityfocus.com/bid/38387 http://www.sawmill.net/version_history7.html
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism. Date published...
Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter. Date published : 2010-03-23...
Cross-site scripting (XSS) vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to inject arbitrary web script or HTML via the subj parameter, which is not properly handled in a forced...
SQL injection vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to execute arbitrary SQL commands via the subj parameter. Date published : 2010-03-23 http://packetstormsecurity.org/1002-exploits/elcms-sql.txt http://osvdb.org/62513
Cross-site scripting (XSS) vulnerability in the Currency Exchange module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to watchdog logging. Date published : 2010-03-23...
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php. Date published : 2010-03-23 http://www.exploit-db.com/exploits/11026...
Cross-site scripting (XSS) vulnerability in search.php in Sniggabo CMS 2.21 allows remote attackers to inject arbitrary web script or HTML via the q parameter. Date published : 2010-03-23 http://www.exploit-db.com/exploits/11049 Sniggabo CMS v2.21 XSS Vulnerability
SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2010-03-23 http://www.securityfocus.com/bid/37698 http://www.exploit-db.com/exploits/11083
SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers to execute arbitrary SQL commands via the seid parameter in a forums viewcat action. Date published : 2010-03-23 http://www.exploit-db.com/exploits/11002 http://packetstormsecurity.org/1001-exploits/imagoscriptsdac-sql.txt
SQL injection vulnerability in games/game.php in ProArcadeScript allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2010-03-23 http://www.securityfocus.com/bid/37703 http://www.exploit-db.com/exploits/11080
Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the (1) domainid or (2) classid parameter in a class action. Date...