|
270851
|
- |
|
fijiwebdesign
|
com_ajaxchat
|
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_…
|
CWE-94
Code Injection
|
CVE-2009-3822
|
2009-10-28 19:30 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270852
|
- |
|
opendocman
|
opendocman
|
SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmpass (aka Password) parameter. NOTE: the provenance of this informat…
|
CWE-89
SQL Injection
|
CVE-2009-3801
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270853
|
- |
|
runcms
|
runcms
|
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly hand…
|
CWE-89
SQL Injection
|
CVE-2009-3804
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270854
|
- |
|
runcms
|
runcms
|
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id…
|
CWE-89
SQL Injection
|
CVE-2009-3813
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270855
|
- |
|
runcms
|
runcms
|
Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/syste…
|
CWE-94
Code Injection
|
CVE-2009-3814
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270856
|
- |
|
runcms
|
runcms
|
RunCMS 2M1, when running with certain error_reporting levels, allows remote attackers to obtain sensitive information via (1) the op[] parameter to modules/contact/index.php or (2) uid[] parameter to…
|
CWE-200
Information Exposure
|
CVE-2009-3815
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270857
|
- |
|
ibm
|
rational_requisitepro
|
Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help feature (aka the Web Client Help system) in IBM Rational RequisitePro 7.1.0 allow remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3730
|
2009-10-27 14:28 |
2009-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270858
|
- |
|
mysql-ocaml
|
mysql-ocaml
|
The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character en…
|
NVD-CWE-noinfo
|
CVE-2009-2942
|
2009-10-27 14:27 |
2009-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270859
|
- |
|
sjoerd_arendsen
|
simplenews_statistics
|
Open redirect vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspeci…
|
CWE-352
Origin Validation Error
|
CVE-2009-3784
|
2009-10-27 13:00 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270860
|
- |
|
ocaml
|
postgresql-ocaml
|
The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues inv…
|
NVD-CWE-noinfo
|
CVE-2009-2943
|
2009-10-23 13:00 |
2009-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
