CVE-2010-5018
Published 2011-11-02
CVE-2010-5018: Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject…
Priority P4 · 19 · medium · 4.3 · CVSS 2.0
AV:N / AC:M / Au:N / C:N / I:P / A:N
EXPLOIT
EPSS: 1.48% (70.7th percentile)
Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
CVSS provenance
nvd · v2.0 · 4.3 MEDIUM · AV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat · 6.8 MEDIUM
GHSA
GHSA-3mj8-x4jc-gf23: Cross-site scripting (XSS) vulnerability in products/classified/headersearch
ghsa_unreviewed·2022-05-17
CVE-2010-5018 [MEDIUM] CWE-79 GHSA-3mj8-x4jc-gf23: Cross-site scripting (XSS) vulnerability in products/classified/headersearch
Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
Red Hat
gif2png: command-line buffer overflow problem
vendor_redhat·2009-10-14·CVSS 6.8
CVE-2010-4695 [MEDIUM] gif2png: command-line buffer overflow problem
A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png_2.5.2-1 on Debian GNU/Linux, truncates a GIF pathname specified on the command line, which might allow remote attackers to create PNG files in unintended directories via a crafted command-line argument, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.
Red Hat
gif2png: command-line buffer overflow problem
vendor_redhat·2009-10-14·CVSS 6.8
CVE-2010-4694 [MEDIUM] gif2png: command-line buffer overflow problem
Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.org/1006-exploits/2daybizocs-sqlxss.txt
http://secunia.com/advisories/40213
http://www.exploit-db.com/exploits/13894
http://www.securityfocus.com/bid/40890
Published: 2011-11-02