Latest CVE Vulnerabilities

CVE-2010-0958 (tribisur)
(03/10/2010) Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme ... Read More

CVE-2010-0957 (saskias_shopsystem)
(03/10/2010) Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter. Read More

CVE-2010-0956 (opencart)
(03/10/2010) SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. Read More

CVE-2010-0955 (bild_flirt_community)
(03/10/2010) SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. Read More

CVE-2010-0954 (pre_e-learning_portal)
(03/10/2010) SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter. Read More

CVE-2010-0953 (phpcoin)
(03/10/2010) Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter. Read More

CVE-2010-0952 (onecms)
(03/10/2010) SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an elite action. Read More

CVE-2010-0951 (dev4u_cms)
(03/10/2010) SQL injection vulnerability in go_target.php in dev4u CMS allows remote attackers to execute arbitrary SQL commands via the kontent_id parameter. Read More

CVE-2010-0950 (natychmiast-cms)
(03/10/2010) Multiple SQL injection vulnerabilities in Natychmiast CMS allow remote attackers to execute arbitrary SQL commands via the id_str parameter to (1) index.php and (2) a_index.php. Read More

CVE-2010-0949 (natychmiast-cms)
(03/10/2010) Multiple cross-site scripting (XSS) vulnerabilities in Natychmiast CMS allow remote attackers to inject arbitrary web script or HTML via the id_str parameter to (1) index.php and (2) a_index.php. Read More


For more information on any of our services, sign up here!



Press Releases (View All)

January 8, 2010 Digital Defense Receives Major Vulnerability Scanner Validation From NIST View

Upcoming Webinars (View All)

March 10, 2010 Streamline Vulnerability Management with the Active View

March 18, 2010 Social Networks — Hackers Love Them Too

March 24, 2010 Maximize Threat Analysis with the RRC (Risks, Ratings and Certification)




Security Training Education and Awareness Demo


See available DDI RSS feeds              Click here to follow Digital Defense on Twitter!              Click here to follow Digital Defense on LinkedIn!

Valid XHTML 1.0 Transitional Valid CSS!

This site has been optimized for FF2/3 and IE7/IE8. Site functionality may be reduced when utilized with other web browsing software.