|
275741
|
- |
|
mozilla
|
bugzilla
|
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL comma…
|
CWE-89
SQL Injection
|
CVE-2009-3165
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275742
|
- |
|
videogirls
|
videogirls_biz
|
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3186
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275743
|
- |
|
standalonearcade
|
saa
|
Cross-site scripting (XSS) vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3187
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275744
|
- |
|
digioz
|
digioz_guestbook
|
Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3189
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275745
|
- |
|
jce-tech
|
searchfeed_script
|
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3194
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275746
|
- |
|
jce-tech
|
auction_rss_content_script
|
Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3195
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275747
|
- |
|
jce-tech
|
php_video_script
|
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3196
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275748
|
- |
|
jce-tech
|
php_calendars_script
|
Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3197
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275749
|
- |
|
jce-tech
|
affiliate_master_datafeed_parser
|
Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3198
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275750
|
- |
|
debian
|
newsgate
|
mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file.
|
CWE-59
Link Following
|
CVE-2008-4975
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
