|
271171
|
- |
|
promosi-web
|
ardguest
|
Cross-site scripting (XSS) vulnerability in ardguest.php in Ardguest 1.8 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3668
|
2009-10-12 13:00 |
2009-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271172
|
- |
|
post_affiliate_pro
|
post_affiliate_pro
|
merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory…
|
NVD-CWE-Other
|
CVE-2005-3910
|
2009-10-9 13:33 |
2005-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271173
|
- |
|
babe_logger
|
babe_logger
|
SQL injection vulnerability in Babe Logger 2 allows remote attackers to execute arbitrary SQL commands via the (1) gal parameter to index.php or (2) id parameter to comments.php.
|
NVD-CWE-Other
|
CVE-2005-3920
|
2009-10-9 13:33 |
2005-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271174
|
- |
|
socketkb
|
socketkb
|
PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbitrary local files via the __f parameter.
|
NVD-CWE-Other
|
CVE-2005-3936
|
2009-10-9 13:33 |
2005-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271175
|
- |
|
softbiz
|
b2b_trading_marketplace_script
|
SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffe…
|
NVD-CWE-Other
|
CVE-2005-3937
|
2009-10-9 13:33 |
2005-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271176
|
- |
|
softbiz
|
faq
|
SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.p…
|
NVD-CWE-Other
|
CVE-2005-3938
|
2009-10-9 13:33 |
2005-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271177
|
- |
|
inotify
|
incron
|
incron 0.5.5 does not initialize supplementary groups when running a process from a user's incrontabs, which causes the process to be run with the incrond supplementary groups and allows local users …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3589
|
2009-10-9 00:30 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271178
|
- |
|
dave_reid
gabor_hojtsy
|
commentrss
|
Comment RSS 5.x before 5.x-2.2 and 6.x before 6.x-2.2, a module for Drupal, does not properly enforce permissions when a link is added to the RSS feed, which allows remote attackers to obtain the nod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3568
|
2009-10-8 13:00 |
2009-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271179
|
- |
|
openbsd
|
openbsd
|
OpenBSD 4.4, 4.5, and 4.6, when running on an i386 kernel, does not properly handle XMM exceptions, which allows local users to cause a denial of service (kernel panic) via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2009-3572
|
2009-10-8 13:00 |
2009-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271180
|
- |
|
openbsd
|
openbsd
|
Per: http://marc.info/?l=openbsd-security-announce&m=125474331811594
XMM exceptions are incorrectly handled in the OpenBSD/i386 kernel, resulting
in a kernel panic that can be triggered by a loca…
|
NVD-CWE-Other
|
CVE-2009-3572
|
2009-10-8 13:00 |
2009-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
