|
259031
|
- |
|
allisclear
|
clear_content
|
Directory traversal vulnerability in image.php in Clear Content 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. NOTE: the researcher also suggests an ana…
|
CWE-22
Path Traversal
|
CVE-2009-3535
|
2017-09-19 10:29 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259032
|
- |
|
epicdjsoftware
|
epicvj
|
Multiple stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 and 1.3.1.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a lon…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3536
|
2017-09-19 10:29 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259033
|
- |
|
epicdjsoftware
|
epicdj
|
Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3537
|
2017-09-19 10:29 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259034
|
- |
|
phpgenealogy
|
phpgenealogy
|
PHP remote file inclusion vulnerability in CoupleDB.php in PHPGenealogy 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the DataDirectory parameter.
|
CWE-94
Code Injection
|
CVE-2009-3541
|
2017-09-19 10:29 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259035
|
- |
|
phenotype-cms
|
phenotype_cms
|
SQL injection vulnerability in _phenotype/admin/login.php in Phenotype CMS before 2.9 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the login name).
|
CWE-89
SQL Injection
|
CVE-2009-3543
|
2017-09-19 10:29 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259036
|
- |
|
xerver
|
xerver
|
Xerver HTTP Server 4.32 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name.
|
CWE-200
Information Exposure
|
CVE-2009-3544
|
2017-09-19 10:29 |
2009-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259037
|
- |
|
datawizard
|
ftpxq_server
|
DataWizard Technologies FtpXQ FTP Server 3.0 allows remote authenticated users to cause a denial of service (crash) via a long ABOR command.
|
CWE-20
Improper Input Validation
|
CVE-2009-3545
|
2017-09-19 10:29 |
2009-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259038
|
- |
|
wireshark
|
wireshark
|
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file t…
|
CWE-20
Improper Input Validation
|
CVE-2009-3549
|
2017-09-19 10:29 |
2009-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259039
|
- |
|
xerver
|
xerver
|
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory …
|
CWE-22
Path Traversal
|
CVE-2009-3561
|
2017-09-19 10:29 |
2009-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259040
|
- |
|
xerver
|
xerver
|
Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3562
|
2017-09-19 10:29 |
2009-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
