|
258441
|
- |
|
nathan_haug
|
webform
|
Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform creation privileges, to …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4532
|
2017-08-17 10:31 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258442
|
- |
|
nathan_haug
|
webform
|
The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attacke…
|
CWE-200
Information Exposure
|
CVE-2009-4533
|
2017-08-17 10:31 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258443
|
- |
|
viart
|
viart_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x allow remote attackers to inject arbitrary web script or HTML via the (1) category_id parameter to forums.php, or the forum_id par…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4547
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258444
|
- |
|
viart
|
viart_helpdesk
|
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote attackers to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4548
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258445
|
- |
|
k-factor
|
agoracart
|
Multiple cross-site request forgery (CSRF) vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for reques…
|
CWE-352
Origin Validation Error
|
CVE-2009-4555
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258446
|
- |
|
unleashedmind
|
img_assist
|
Cross-site scripting (XSS) vulnerability in the Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-0…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4557
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258447
|
- |
|
unleashedmind
|
img_assist
|
The Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-07-15, a module for Drupal, does not properly…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4558
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258448
|
- |
|
nanwich
|
submitted_by
|
Cross-site scripting (XSS) vulnerability in the Submitted By module 6.x before 6.x-1.3 for Drupal allows remote authenticated users, with "administer content types" privileges, to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4559
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258449
|
- |
|
zenphoto
|
zenphoto
|
SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this informatio…
|
CWE-89
SQL Injection
|
CVE-2009-4566
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258450
|
- |
|
viscacha
|
viscacha
|
Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php in Viscacha 0.8 Gold allow remote authenticated users to inject arbitrary web script or HTML via the (1) skype, (2) yahoo, (3) a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4567
|
2017-08-17 10:31 |
2010-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
