257801 | - | bitweaver | bitweaver | Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow (1) remote authenticated users to inject arbitrary PHP code int… | CWE-94 Code Injection | CVE-2009-1677 | 2017-09-29 10:34 | 2009-05-19 |
257802 | - | bitweaver | bitweaver | Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) … | CWE-22 Path Traversal | CVE-2009-1678 | 2017-09-29 10:34 | 2009-05-19 |
257803 | - | apple | safari | The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which … | CWE-399 Resource Management Errors | CVE-2009-1687 | 2017-09-29 10:34 | 2009-06-10 |
257804 | - | apple | mac_os_x mac_os_x_server | Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a craft… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2009-1726 | 2017-09-29 10:34 | 2009-08-7 |
257805 | - | omnisoftsol | vidsharepro | SQL injection vulnerability in listing_video.php in VidSharePro allows remote attackers to execute arbitrary SQL commands via the catid parameter. | CWE-89 SQL Injection | CVE-2009-1734 | 2017-09-29 10:34 | 2009-05-21 |
257806 | - | omnisoftsol | vidsharepro | Cross-site scripting (XSS) vulnerability in search.php in VidSharePro allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. NOTE: some of these details are obta… | CWE-79 Cross-site Scripting | CVE-2009-1735 | 2017-09-29 10:34 | 2009-05-21 |
257807 | - | joomla | com_gsticketsystem | SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a vie… | CWE-89 SQL Injection | CVE-2009-1736 | 2017-09-29 10:34 | 2009-05-21 |
257808 | - | phpeasycode | pad_site_scripts | PAD Site Scripts 3.6 allows remote attackers to bypass authentication and gain privileges as other users, including administrative privileges, by setting the authuser cookie parameter to a valid user… | CWE-20 Improper Input Validation | CVE-2009-1739 | 2017-09-29 10:34 | 2009-05-21 |
257809 | - | dutchmonkey | dm_filemanager | Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) P… | CWE-89 SQL Injection | CVE-2009-1741 | 2017-09-29 10:34 | 2009-05-21 |
257810 | - | pc4arb | pc4_uploader | code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for remote attackers to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter … | CWE-89 SQL Injection | CVE-2009-1742 | 2017-09-29 10:34 | 2009-05-21 |