|
258561
|
- |
|
phpgroupware
|
phpgroupware
|
SQL injection vulnerability in phpgwapi /inc/class.auth_sql.inc.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, when magic_quotes_gpc is disabled, allows remote attacker…
|
CWE-89
SQL Injection
|
CVE-2009-4414
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258562
|
- |
|
phpgroupware
|
phpgroupware
|
Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to …
|
CWE-22
Path Traversal
|
CVE-2009-4415
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258563
|
- |
|
phpgroupware
|
phpgroupware
|
Cross-site scripting (XSS) vulnerability in login.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allows remote attackers to inject arbitrary web script or HTML via an a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4416
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258564
|
- |
|
intel
|
gm45_chipset
pm45_express_chipset
q35_chipset
q43_express_chipset
q45_chipset
|
Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and…
|
CWE-16
Configuration
|
CVE-2009-4419
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258565
|
- |
|
weentech
|
weencompany
|
SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from thir…
|
CWE-89
SQL Injection
|
CVE-2009-4423
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258566
|
- |
|
imotta
|
pyrmont_plugin
|
SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4424
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258567
|
- |
|
idevspot
|
idevcart
|
Cross-site scripting (XSS) vulnerability in index.php in iDevCart 1.09 allows remote attackers to inject arbitrary web script or HTML via the SEARCH parameter in a browse action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4425
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258568
|
- |
|
launchpad
|
ignition
|
Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog par…
|
CWE-22
Path Traversal
|
CVE-2009-4426
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258569
|
- |
|
joomplace
|
com_joomportfolio
|
SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action …
|
CWE-89
SQL Injection
|
CVE-2009-4428
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258570
|
- |
|
alexander_hass
|
sections_module
|
Cross-site scripting (XSS) vulnerability in the Sections module 5.x before 5.x-1.3 and 6.x before 6.x-1.3 for Drupal allows remote authenticated users with "administer sections" privileges to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4429
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
