|
257341
|
- |
|
flexcms
|
flexcms
|
SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the ItemId parameter. NOTE: some of these details are obtained from third party information.
|
CWE-89
SQL Injection
|
CVE-2009-1256
|
2017-09-29 10:34 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257342
|
- |
|
magic_iso_maker
|
magic_iso_maker
|
Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted CCD file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1257
|
2017-09-29 10:34 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257343
|
- |
|
insanevisions
|
adaptbb
|
SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter …
|
CWE-89
SQL Injection
|
CVE-2009-1259
|
2017-09-29 10:34 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257344
|
- |
|
ezbsystems
|
ultraiso
|
Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1260
|
2017-09-29 10:34 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257345
|
- |
|
alikonweb
|
com_bookjoomlas
|
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in …
|
CWE-89
SQL Injection
|
CVE-2009-1263
|
2017-09-29 10:34 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257346
|
- |
|
gravityboardx
|
gravity_board_x
|
SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to execute arbitrary SQL commands via the member_id parameter in a viewprofile action. NOTE: the bo…
|
CWE-89
SQL Injection
|
CVE-2009-1277
|
2017-09-29 10:34 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257347
|
- |
|
gravityboardx
|
gravity_board_x
|
Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to inject arbitrary PHP code into config.php via the configure action to inde…
|
CWE-94
Code Injection
|
CVE-2009-1278
|
2017-09-29 10:34 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257348
|
- |
|
glfusion
|
glfusion
|
SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter.
|
CWE-89
SQL Injection
|
CVE-2009-1282
|
2017-09-29 10:34 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257349
|
- |
|
glfusion
|
glfusion
|
glFusion before 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote attackers to gain privileges by obtaining the hash and using it in the glf_…
|
CWE-310
Cryptographic Issues
|
CVE-2009-1283
|
2017-09-29 10:34 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257350
|
- |
|
webfileexplorer
|
web_file_explorer
|
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executab…
|
NVD-CWE-noinfo
|
CVE-2009-1314
|
2017-09-29 10:34 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
