|
257471
|
- |
|
blizzard
|
warcraft_3_the_frozen_throne
|
Unspecified vulnerability in the JASS script interpreter in Warcraft III: The Frozen Throne 1.24b and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted custom map.…
|
CWE-94
Code Injection
|
CVE-2009-4768
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257472
|
- |
|
ubercart
|
ubercart
|
The PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal does not properly validate orders, which allows remote attackers to trig…
|
CWE-20
Improper Input Validation
|
CVE-2009-4771
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257473
|
- |
|
ubercart
|
ubercart
|
Unspecified vulnerability in the PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal, when a custom checkout completion message …
|
NVD-CWE-noinfo
|
CVE-2009-4772
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257474
|
- |
|
ubercart
|
ubercart
|
Cross-site request forgery (CSRF) vulnerability in the order-management functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal allows remote attackers to hijack the…
|
CWE-352
Origin Validation Error
|
CVE-2009-4773
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257475
|
- |
|
hitachi
|
jp1_integrated_management_service_support
jp1\/automatic_job_management_system_2-view
job_management_partner_1\/automatic_job_management_system_2-view
job_management_partner_1\/integrated_ma…
|
Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to …
|
NVD-CWE-noinfo
|
CVE-2009-4777
|
2017-08-17 10:31 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257476
|
- |
|
robert_garrigos
|
nukehall
|
Multiple PHP remote file inclusion vulnerabilities in NukeHall 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter to (1) blocks.php, (2) message…
|
CWE-94
Code Injection
|
CVE-2009-4779
|
2017-08-17 10:31 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257477
|
- |
|
xlightftpd
|
xlight_ftp_server
|
Multiple SQL injection vulnerabilities in Xlight FTP Server before 3.2.1, when ODBC authentication is enabled, allow remote attackers to execute arbitrary SQL commands via the (1) USER (aka username)…
|
CWE-89
SQL Injection
|
CVE-2009-4795
|
2017-08-17 10:31 |
2010-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257478
|
- |
|
wolfram
|
webmathematica
|
Cross-site scripting (XSS) vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4814
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257479
|
- |
|
andy_stedemos
|
the_uploader
|
Directory traversal vulnerability in api/download_checker.php in MegaLab The Uploader 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4816
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257480
|
- |
|
element-it
|
ultimate_uploader
|
Unrestricted file upload vulnerability in Element-IT Ultimate Uploader 1.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a …
|
NVD-CWE-Other
|
CVE-2009-4817
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
