|
267521
|
- |
|
standalonearcade
|
saa
|
Cross-site scripting (XSS) vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3187
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267522
|
- |
|
digioz
|
digioz_guestbook
|
Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3189
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267523
|
- |
|
jce-tech
|
searchfeed_script
|
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3194
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267524
|
- |
|
jce-tech
|
auction_rss_content_script
|
Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3195
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267525
|
- |
|
jce-tech
|
php_video_script
|
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3196
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267526
|
- |
|
jce-tech
|
php_calendars_script
|
Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3197
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267527
|
- |
|
jce-tech
|
affiliate_master_datafeed_parser
|
Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3198
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267528
|
- |
|
debian
|
newsgate
|
mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file.
|
CWE-59
Link Following
|
CVE-2008-4975
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267529
|
- |
|
shrubbery
|
rancid
|
getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /…
|
CWE-59
Link Following
|
CVE-2008-4979
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267530
|
- |
|
zak_b_elep
|
rccp
|
delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file.
|
CWE-59
Link Following
|
CVE-2008-4980
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
