|
257211
|
- |
|
bigace
|
bigace_cms
|
Directory traversal vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2379
|
2017-09-19 10:29 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257212
|
- |
|
blogtrafficexchange
|
related-sites
|
SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2383
|
2017-09-19 10:29 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257213
|
- |
|
mathi
|
peamp
|
Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtai…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2384
|
2017-09-19 10:29 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257214
|
- |
|
fustrate
|
member_awards
|
SQL injection vulnerability in the awardsMembers function in Sources/Profile.php in the Member Awards component 1.0.2 for Simple Machines Forum (SMF) allows remote attackers to execute arbitrary SQL …
|
CWE-89
SQL Injection
|
CVE-2009-2385
|
2017-09-19 10:29 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257215
|
- |
|
usolved
|
newsolved
|
Multiple SQL injection vulnerabilities in newsscript.php in USOLVED NEWSolved 1.1.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) jahr or (2…
|
CWE-89
SQL Injection
|
CVE-2009-2389
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257216
|
- |
|
f-cimag-in
|
com_bookflip
|
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-2390
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257217
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
Cross-site scripting (XSS) vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to inject arbitrary web script or HTML via the tid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2391
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257218
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2392
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257219
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
admin/index.php in Virtuenetz Virtue Online Test Generator does not require administrative privileges, which allows remote authenticated users to have an unknown impact via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2393
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257220
|
- |
|
smspages
|
smspages
|
SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2394
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
