|
257231
|
- |
|
submitterscript
|
submitterscript
|
Multiple SQL injection vulnerabilities in admin/index.php in Submitter Script 2 allow remote attackers to execute arbitrary SQL commands via (1) the uNev parameter (aka the username field) or (2) the…
|
CWE-89
SQL Injection
|
CVE-2009-1813
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257232
|
- |
|
jevontech
|
phpenpals
|
SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered b…
|
CWE-89
SQL Injection
|
CVE-2009-1814
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257233
|
- |
|
sonicspot
|
audioactive_player
|
Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execute arbitrary code via a long string in a playlist file, as demonstrated by a long .mp3 URL in a .m3u…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1815
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257234
|
- |
|
mygamescript
|
my_game_script
|
SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the username field). NOTE: some of these details …
|
CWE-89
SQL Injection
|
CVE-2009-1816
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257235
|
- |
|
digimode10
|
maya
|
Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .m3u or (2) .m3l playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1817
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257236
|
- |
|
maxcms
|
maxcms
|
SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 allows remote attackers to execute arbitrary SQL commands via an m_username cookie in an add action.
|
CWE-89
SQL Injection
|
CVE-2009-1818
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257237
|
- |
|
2daybiz
|
custom_t-shirt_design_script
|
SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-1819
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257238
|
- |
|
2daybiz
|
custom_t-shirt_design_script
|
Cross-site scripting (XSS) vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-1820
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257239
|
- |
|
dmxready
|
registration_manager
|
DMXReady Registration Manager 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request fo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1821
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257240
|
- |
|
gonzalo_maser
|
com_artforms
|
Multiple PHP remote file inclusion vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConf…
|
CWE-94
Code Injection
|
CVE-2009-1822
|
2017-09-29 10:34 |
2009-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
