|
267861
|
- |
|
videogirls
|
videogirls_biz
|
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3186
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267862
|
- |
|
standalonearcade
|
saa
|
Cross-site scripting (XSS) vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3187
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267863
|
- |
|
digioz
|
digioz_guestbook
|
Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3189
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267864
|
- |
|
jce-tech
|
searchfeed_script
|
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3194
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267865
|
- |
|
jce-tech
|
auction_rss_content_script
|
Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3195
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267866
|
- |
|
jce-tech
|
php_video_script
|
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3196
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267867
|
- |
|
jce-tech
|
php_calendars_script
|
Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3197
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267868
|
- |
|
jce-tech
|
affiliate_master_datafeed_parser
|
Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3198
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267869
|
- |
|
debian
|
newsgate
|
mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file.
|
CWE-59
Link Following
|
CVE-2008-4975
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267870
|
- |
|
shrubbery
|
rancid
|
getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /…
|
CWE-59
Link Following
|
CVE-2008-4979
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
