|
264141
|
- |
|
k-factor
|
agoracart
|
Multiple cross-site request forgery (CSRF) vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for reques…
|
CWE-352
Origin Validation Error
|
CVE-2009-4555
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264142
|
- |
|
unleashedmind
|
img_assist
|
Cross-site scripting (XSS) vulnerability in the Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-0…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4557
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264143
|
- |
|
unleashedmind
|
img_assist
|
The Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-07-15, a module for Drupal, does not properly…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4558
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264144
|
- |
|
nanwich
|
submitted_by
|
Cross-site scripting (XSS) vulnerability in the Submitted By module 6.x before 6.x-1.3 for Drupal allows remote authenticated users, with "administer content types" privileges, to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4559
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264145
|
- |
|
zenphoto
|
zenphoto
|
SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this informatio…
|
CWE-89
SQL Injection
|
CVE-2009-4566
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264146
|
- |
|
viscacha
|
viscacha
|
Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php in Viscacha 0.8 Gold allow remote authenticated users to inject arbitrary web script or HTML via the (1) skype, (2) yahoo, (3) a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4567
|
2017-08-17 10:31 |
2010-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264147
|
- |
|
elkagroup
|
image_gallery
|
SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/.
|
CWE-89
SQL Injection
|
CVE-2009-4569
|
2017-08-17 10:31 |
2010-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264148
|
- |
|
joomlabear
|
mod_joomulus
|
Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4573
|
2017-08-17 10:31 |
2010-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264149
|
- |
|
i-escorts
|
i-escorts_directory_script
|
SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4574
|
2017-08-17 10:31 |
2010-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264150
|
- |
|
qproje
|
com_qpersonel
|
Cross-site scripting (XSS) vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the personel_sira paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4575
|
2017-08-17 10:31 |
2010-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
