|
258621
|
- |
|
phpgroupware
|
phpgroupware
|
Cross-site scripting (XSS) vulnerability in login.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allows remote attackers to inject arbitrary web script or HTML via an a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4416
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258622
|
- |
|
intel
|
gm45_chipset
pm45_express_chipset
q35_chipset
q43_express_chipset
q45_chipset
|
Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and…
|
CWE-16
Configuration
|
CVE-2009-4419
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258623
|
- |
|
weentech
|
weencompany
|
SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from thir…
|
CWE-89
SQL Injection
|
CVE-2009-4423
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258624
|
- |
|
imotta
|
pyrmont_plugin
|
SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4424
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258625
|
- |
|
idevspot
|
idevcart
|
Cross-site scripting (XSS) vulnerability in index.php in iDevCart 1.09 allows remote attackers to inject arbitrary web script or HTML via the SEARCH parameter in a browse action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4425
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258626
|
- |
|
launchpad
|
ignition
|
Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog par…
|
CWE-22
Path Traversal
|
CVE-2009-4426
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258627
|
- |
|
joomplace
|
com_joomportfolio
|
SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action …
|
CWE-89
SQL Injection
|
CVE-2009-4428
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258628
|
- |
|
alexander_hass
|
sections_module
|
Cross-site scripting (XSS) vulnerability in the Sections module 5.x before 5.x-1.3 and 6.x before 6.x-1.3 for Drupal allows remote authenticated users with "administer sections" privileges to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4429
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258629
|
- |
|
idevspot
|
isupport
|
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (a) 5 or (b) 9 field in a post action to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4433
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258630
|
- |
|
compmaster.prv.pl
|
f3site
|
Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1…
|
CWE-22
Path Traversal
|
CVE-2009-4435
|
2017-08-17 10:31 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
