268131
|
- |
|
alstrasoft
|
askme_pro
|
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to…
|
NVD-CWE-Other
|
CVE-2007-4085
|
2009-04-14 14:18 |
2007-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268132
|
- |
|
ibm
|
lotus_domino
|
The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 and 8.5 before IF3 allows remote attackers to cause a denial of service (daemon crash) via a MIME e-mail message with RFC822 attac…
|
NVD-CWE-Other
|
CVE-2009-1286
|
2009-04-14 13:00 |
2009-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268133
|
- |
|
virtual_programming
|
vp-asp
|
SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields.
|
NVD-CWE-Other
|
CVE-2002-1919
|
2009-04-11 13:14 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268134
|
- |
|
glfusion
|
glfusion
|
Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-1281
|
2009-04-10 13:00 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268135
|
- |
|
stanislas_rolland
|
sr_feuser_register
|
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1264
|
2009-04-8 13:00 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268136
|
- |
|
drupal
|
feedapi_mapper
|
Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1249
|
2009-04-7 13:00 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268137
|
- |
|
phpcredo
|
phcdownload
|
SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknow…
|
CWE-89
SQL Injection
|
CVE-2008-6596
|
2009-04-6 13:00 |
2009-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268138
|
- |
|
phpcredo
|
phcdownload
|
Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6597
|
2009-04-6 13:00 |
2009-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268139
|
- |
|
xmlportal
|
xmlportal
|
Cross-site scripting (XSS) vulnerability in the search feature in XMLPortal 3.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6600
|
2009-04-6 13:00 |
2009-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268140
|
- |
|
easyscripts
|
easynews
|
easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and gain access.
|
NVD-CWE-Other
|
CVE-2001-1527
|
2009-04-3 13:11 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|