264301
|
- |
|
mortbay
|
jetty
|
Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP D…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4610
|
2011-08-8 13:00 |
2010-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264302
|
- |
|
mortbay
|
jetty
|
Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP Snoop page in Mort Bay Jetty 6.1.x through 6.1.21 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4612
|
2011-08-8 13:00 |
2010-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264303
|
- |
|
netartmedia
|
real_estate_portal
|
SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the pro…
|
CWE-89
SQL Injection
|
CVE-2009-4613
|
2011-08-8 13:00 |
2010-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264304
|
- |
|
scponly
|
scponly
|
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve…
|
NVD-CWE-noinfo CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6350
|
2011-08-8 13:00 |
2007-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264305
|
- |
|
x-scripts
|
x-poll
|
SQL injection vulnerability in top.php in X-Scripts X-Poll, probably 2.30, allows remote attackers to execute arbitrary SQL commands via the poll parameter. NOTE: the provenance of this information …
|
CWE-89
SQL Injection
|
CVE-2006-3960
|
2011-08-5 13:00 |
2006-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264306
|
- |
|
newsboard
|
unclassified_newsboard
|
SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows remote attackers to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter …
|
CWE-89
SQL Injection
|
CVE-2005-3686
|
2011-08-5 13:00 |
2005-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264307
|
- |
|
phpcomasy
|
phpcomasy
|
SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code …
|
CWE-89
SQL Injection
|
CVE-2005-3744
|
2011-08-5 13:00 |
2005-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264308
|
- |
|
tru-zone
|
nukeet
|
SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the query parameter.
|
CWE-89
SQL Injection
|
CVE-2005-3748
|
2011-08-5 13:00 |
2005-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264309
|
- |
|
omnistar_interactive
|
omnistar_live
|
SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an…
|
CWE-89
SQL Injection
|
CVE-2005-3840
|
2011-08-5 13:00 |
2005-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264310
|
- |
|
altantisfaq
|
altantis_knowledge_base_software
|
SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Base Software 2.03 and earlier allows remote attackers to execute arbitrary SQL commands via the searchStr parameter.
|
CWE-89
SQL Injection
|
CVE-2005-3881
|
2011-08-5 13:00 |
2005-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|