|
259061
|
- |
|
olivier_michaud_pierre-yves
|
quickdev4php
|
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4726
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259062
|
- |
|
junglescripts
|
ajax_short_url_script
|
SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4727
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259063
|
- |
|
questions_answered
|
questions_answered
|
SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these detail…
|
CWE-89
SQL Injection
|
CVE-2009-4728
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259064
|
- |
|
x10media
|
adult_script
|
Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media Script 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) pic_id parameter to includes/video_ad.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4729
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259065
|
- |
|
x10media
|
adult_script
|
SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4730
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259066
|
- |
|
technotoad
|
tt_web_site_manager
|
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2009-4732
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259067
|
- |
|
supercrackmunkey
|
simpleloginsys
|
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: som…
|
CWE-89
SQL Injection
|
CVE-2009-4733
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259068
|
- |
|
allomani
|
movies_library
|
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
|
CWE-89
SQL Injection
|
CVE-2009-4734
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259069
|
- |
|
allomani
|
audio_\&_video_library
|
SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a logi…
|
CWE-89
SQL Injection
|
CVE-2009-4735
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259070
|
- |
|
skadate
|
skadate_online_dating_software
|
PHP remote file inclusion vulnerability in index.php in SkaDate Dating allows remote attackers to execute arbitrary PHP code via a URL in the language_id parameter. NOTE: this can also be leveraged …
|
CWE-94
Code Injection
|
CVE-2009-4739
|
2017-09-19 10:30 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
