EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts. Date published : 2010-04-23 http://www.securityfocus.com/archive/1/501352/100/0/threaded http://www.exploit-db.com/exploits/8128
The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors. Date published : 2010-04-23 http://www.securityfocus.com/bid/39603 http://bugs.chromium.org/40635
Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page’s privileges, which has unknown impact and attack vectors. Date published : 2010-04-23 http://www.securityfocus.com/bid/39603 http://bugs.chromium.org/40575
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a URI. Date published : 2010-04-23 http://www.securityfocus.com/bid/39603 http://www.securityfocus.com/bid/39669
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a URI. Date published : 2010-04-23 http://www.securityfocus.com/bid/39603 http://www.securityfocus.com/bid/39667
Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools." Date published : 2010-04-23 http://www.securityfocus.com/bid/39603 http://bugs.chromium.org/40136
Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error." Date published : 2010-04-23 http://www.securityfocus.com/bid/39603 http://bugs.chromium.org/39443
SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2010-04-23 http://www.securityfocus.com/bid/39581 http://www.exploit-db.com/exploits/12303
Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) download.php and (2) view_file.php. Date published : 2010-04-23 http://www.securityfocus.com/bid/39592 http://www.exploit-db.com/exploits/12280
Cross-site scripting (XSS) vulnerability in download_proc.php in dl_stats before 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. Date published : 2010-04-23 http://www.securityfocus.com/bid/39592 http://www.exploit-db.com/exploits/12280
SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. Date published : 2010-04-23 http://www.securityfocus.com/bid/39541...
Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Date published : 2010-04-23 http://www.securityfocus.com/bid/39550...
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. Date published : 2010-04-23 http://www.securityfocus.com/bid/39331...
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. Date published : 2010-04-23...