|
257071
|
- |
|
omidrouhani
|
xerver
|
The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated …
|
CWE-287
Improper Authentication
|
CVE-2009-4657
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257072
|
- |
|
omidrouhani
|
xerver
|
Xerver 4.32 allows remote authenticated users to cause a denial of service (daemon crash) via a non-numeric web port assignment in the management interface. NOTE: this can be leveraged by non-authen…
|
CWE-20
Improper Input Validation
|
CVE-2009-4658
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257073
|
- |
|
mp3-cutter
|
ease_audio_cutter
|
Unspecified vulnerability in MP3-Cutter Ease Audio Cutter 1.20 allows user-assisted remote attackers to cause a denial of service (application crash) via a long string in a WAV file.
|
NVD-CWE-noinfo
|
CVE-2009-4659
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257074
|
- |
|
bigantsoft
|
bigant_messenger
|
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4660
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257075
|
- |
|
bigantsoft
|
bigant_server
|
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4661
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257076
|
- |
|
quiksoft
|
easymail_objects
|
Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX control allows remote attackers to execute arbitrary code via a long argument to the AddAttachment method.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4663
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257077
|
- |
|
cutesoft_components
|
cute_editor_for_asp.net
|
Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the file…
|
CWE-22
Path Traversal
|
CVE-2009-4665
|
2017-09-19 10:30 |
2010-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257078
|
- |
|
qualityunit
|
download_protect
|
Multiple PHP remote file inclusion vulnerabilities in Webradev Download Protect 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[RootPath] parameter to (1) Framework/…
|
CWE-94
Code Injection
|
CVE-2009-4666
|
2017-09-19 10:30 |
2010-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257079
|
- |
|
phpmember
|
webmember
|
SQL injection vulnerability in form.php in WebMember 1.0 allows remote authenticated users to execute arbitrary SQL commands via the formID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4667
|
2017-09-19 10:30 |
2010-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257080
|
- |
|
beaussier
|
roomphplanning
|
Multiple SQL injection vulnerabilities in RoomPHPlanning 1.6 allow remote attackers to execute arbitrary SQL commands via (1) the loginus parameter to Login.php or (2) the Old Password field to chang…
|
CWE-89
SQL Injection
|
CVE-2009-4669
|
2017-09-19 10:30 |
2010-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
