|
258121
|
- |
|
stefan_auditor
|
vcard
|
Cross-site scripting (XSS) vulnerability in vCard 5.x before 5.x-1.4 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3779
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258122
|
- |
|
ashok_modi
|
abuse
|
Cross-site scripting (XSS) vulnerability in Abuse 5.x before 5.x-2.1 and 6.x before 6.x-1.1-alpha1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3780
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258123
|
- |
|
2bits
|
userpoints
|
Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users with "View own userpoints" permissions to read the userpoint data of arbitrary users…
|
CWE-200
Information Exposure
|
CVE-2009-3782
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258124
|
- |
|
sjoerd_arendsen
|
simplenews_statistics
|
Cross-site scripting (XSS) vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vector.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3783
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258125
|
- |
|
sjoerd_arendsen
|
simplenews_statistics
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allow remote attackers to hijack the authentication of arbitrary users via…
|
CWE-352
Origin Validation Error
|
CVE-2009-3785
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258126
|
- |
|
moshe_weitzman
|
og_vocab
|
Cross-site scripting (XSS) vulnerability in Organic Groups (OG) Vocabulary 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3786
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258127
|
- |
|
opendocman
|
opendocman
|
SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmuser (aka Username) parameter.
|
CWE-89
SQL Injection
|
CVE-2009-3788
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258128
|
- |
|
opendocman
|
opendocman
|
Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the last_message parameter to (1) add.php, (2) toBePublished.…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3789
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258129
|
- |
|
cutepdf
|
formmax
|
Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation 3.5 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted FormMax import (.aim) fi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3790
|
2017-08-17 10:31 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258130
|
- |
|
amirocms
|
amiro.cms
|
Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensitive information via an invalid loginname ("%%%") to _admin/index.php, which reveals the installation path and other information i…
|
CWE-20
Improper Input Validation
|
CVE-2009-3802
|
2017-08-17 10:31 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
