|
259031
|
- |
|
vtiger
|
vtiger_crm
|
The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachmen…
|
CWE-20
Improper Input Validation
|
CVE-2009-3250
|
2017-09-19 10:29 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259032
|
- |
|
dave_robinson
|
rockbandcms
|
Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters.
|
CWE-89
SQL Injection
|
CVE-2009-3252
|
2017-09-19 10:29 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259033
|
- |
|
tricerasoft
|
swift_ultralite
|
Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3253
|
2017-09-19 10:29 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259034
|
- |
|
ultimatevideosite
|
ultimate_player
|
Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3254
|
2017-09-19 10:29 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259035
|
- |
|
apple
|
safari
iphone_os
|
Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element.
|
CWE-20
Improper Input Validation
|
CVE-2009-3271
|
2017-09-19 10:29 |
2009-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259036
|
- |
|
apple
|
safari
|
Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions before 4.1.2, allows remote attackers to cause a denial of service (application crash) via J…
|
CWE-399
Resource Management Errors
|
CVE-2009-3272
|
2017-09-19 10:29 |
2009-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259037
|
- |
|
frank_lichtenheld
|
fsphp
|
Multiple PHP remote file inclusion vulnerabilities in FSphp 0.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the FSPHP_LIB parameter to (1) FSphp.php, (2) navigation.php, and (…
|
CWE-94
Code Injection
|
CVE-2009-3307
|
2017-09-19 10:29 |
2009-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259038
|
- |
|
fanupdate
|
fanupdate
|
SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-3308
|
2017-09-19 10:29 |
2009-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259039
|
- |
|
cfshopkart
|
cf_shopkart
|
SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CV…
|
CWE-89
SQL Injection
|
CVE-2009-3309
|
2017-09-19 10:29 |
2009-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259040
|
- |
|
shalwan
|
zainu
|
SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the album_id parameter in an AlbumSongs action.
|
CWE-89
SQL Injection
|
CVE-2009-3310
|
2017-09-19 10:29 |
2009-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
