|
258701
|
- |
|
phplemon
|
myweight
|
Multiple cross-site scripting (XSS) vulnerabilities in MyWeight 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to user_addfood.php, info parameter to (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3512
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258702
|
- |
|
pilotgroup
|
pg_etraining
|
Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG) eTraining allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to courses_login.php, the …
|
CWE-79
Cross-site Scripting
|
CVE-2009-3513
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258703
|
- |
|
john_beranek
|
meeting_room_booking_system
|
SQL injection vulnerability in report.php in Meeting Room Booking System (MRBS) before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the typematch parameter. NOTE: some of thes…
|
CWE-89
SQL Injection
|
CVE-2009-3533
|
2017-08-17 10:31 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258704
|
- |
|
kneuro
|
littlesite.php
|
Directory traversal vulnerability in ls.php in LittleSite (aka LS or LittleSite.php) 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter …
|
CWE-22
Path Traversal
|
CVE-2009-3542
|
2017-08-17 10:31 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258705
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twi…
|
CWE-200
Information Exposure
|
CVE-2009-3554
|
2017-08-17 10:31 |
2009-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258706
|
- |
|
kayako
|
esupport
supportsuite
|
Cross-site scripting (XSS) vulnerability in modules/tickets/functions_ticketsui.php in Kayako SupportSuite and eSupport 3.60.04 and earlier allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3567
|
2017-08-17 10:31 |
2009-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258707
|
- |
|
bestpractical
|
rt
|
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting…
|
CWE-287
Improper Authentication
|
CVE-2009-3585
|
2017-08-17 10:31 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258708
|
- |
|
qtmsoft
|
x-cart
|
Cross-site scripting (XSS) vulnerability in customer/home.php in Qualiteam X-Cart allows remote attackers to inject arbitrary web script or HTML via the email parameter in a subscribed action, a diff…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3592
|
2017-08-17 10:31 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258709
|
- |
|
freewebscriptz
|
freelancers
|
Multiple cross-site scripting (XSS) vulnerabilities in Freelancers 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to placebid.php and (2) jobid parameter t…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3593
|
2017-08-17 10:31 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258710
|
- |
|
blob
|
blog_system
|
Cross-site scripting (XSS) vulnerability in bpost.php in BLOB Blog System before 1.2 allows remote attackers to inject arbitrary web script or HTML via the postid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3594
|
2017-08-17 10:31 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
