|
267041
|
- |
|
alexandre_amaral
|
xoops_celepar
|
Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to cadastro_usuario.php.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4714
|
2010-03-17 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267042
|
- |
|
gonafish
|
webstatcaffe
|
SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this inform…
|
CWE-89
SQL Injection
|
CVE-2009-4718
|
2010-03-17 06:43 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267043
|
- |
|
yuri_d\'elia
|
dl
|
Cross-site scripting (XSS) vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invali…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0963
|
2010-03-17 04:00 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267044
|
- |
|
dirk_maiwert
|
datamints_newsticker
|
SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4709
|
2010-03-17 00:03 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267045
|
- |
|
liviu_mitrofan
|
myth_download
|
SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4701
|
2010-03-16 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267046
|
- |
|
markus_barchfeld
|
pm_tour
|
SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4702
|
2010-03-16 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267047
|
- |
|
typo3
|
ws_gallery
|
SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4703
|
2010-03-16 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267048
|
- |
|
typo3
|
ws_ecard
|
Unspecified vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-4704
|
2010-03-16 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267049
|
- |
|
thomas_loeffler
|
twittersearch
|
Cross-site scripting (XSS) vulnerability in the Twitter Search (twittersearch) extension before 0.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4705
|
2010-03-16 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267050
|
- |
|
sebastian_winterhalder
|
mailform
|
Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension before 0.9.24 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4706
|
2010-03-16 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
