|
257171
|
- |
|
yourarticlesdirectory
|
your_articles_directory
|
SQL injection vulnerability in page.php in Your Articles Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2235
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257172
|
- |
|
yourarticlesdirectory
|
your_articles_directory
|
SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote attackers to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details ar…
|
CWE-89
SQL Injection
|
CVE-2009-2236
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257173
|
- |
|
joomla
|
com_casiino_blackjack
com_casino_videopoker
com_casinobase
|
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows …
|
CWE-89
SQL Injection
|
CVE-2009-2239
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257174
|
- |
|
aaronoutpost
|
asp_inline_corporate_calendar
|
Cross-site scripting (XSS) vulnerability in search.asp in ASP Inline Corporate Calendar allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2241
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257175
|
- |
|
aaronoutpost
|
asp_inline_corporate_calendar
|
SQL injection vulnerability in active_appointments.asp in ASP Inline Corporate Calendar allows remote attackers to execute arbitrary SQL commands via the order parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2242
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257176
|
- |
|
zen-cart
|
zen_cart
|
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string paramet…
|
CWE-89
SQL Injection
|
CVE-2009-2254
|
2017-09-19 10:29 |
2009-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257177
|
- |
|
zen-cart
|
zen_cart
|
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via t…
|
CWE-287
Improper Authentication
|
CVE-2009-2255
|
2017-09-19 10:29 |
2009-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257178
|
- |
|
giorgio_tani
|
peazip
|
PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted remote attackers to execute arbitrary commands via a .zip archive with a .txt file whose name contains | (pipe) characters and a comma…
|
CWE-20
Improper Input Validation
|
CVE-2009-2261
|
2017-09-19 10:29 |
2009-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257179
|
- |
|
awesomephp
|
mega_file_manager
|
Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOT…
|
CWE-22
Path Traversal
|
CVE-2009-2263
|
2017-09-19 10:29 |
2009-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257180
|
- |
|
cpanel
|
cpanel
|
Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2275
|
2017-09-19 10:29 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
