|
257221
|
- |
|
joomlaworks
|
com_k2
|
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action …
|
CWE-89
SQL Injection
|
CVE-2009-2395
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257222
|
- |
|
dutchmonkey
|
dm_album
|
PHP remote file inclusion vulnerability in template/album.php in DM Albums 1.9.2, as used standalone or as a WordPress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the S…
|
CWE-94
Code Injection
|
CVE-2009-2396
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257223
|
- |
|
audioarticledirectory
|
audio_article_directory
|
Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2397
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257224
|
- |
|
php-sugar
|
php-sugar
|
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2398
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257225
|
- |
|
dutchmonkey
|
dm_filemanager
|
PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in t…
|
CWE-94
Code Injection
|
CVE-2009-2399
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257226
|
- |
|
fijiwebdesign
|
com_php
|
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-2400
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257227
|
- |
|
phpecho_cms
|
phpecho_cms
|
Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows remote attackers to inject arbitrary web script or HTML via a forum post.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2401
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257228
|
- |
|
phpecho_cms
|
phpecho_cms
|
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vect…
|
CWE-89
SQL Injection
|
CVE-2009-2402
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257229
|
- |
|
subversion
|
subversion
|
Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via…
|
CWE-189
Numeric Errors
|
CVE-2009-2411
|
2017-09-19 10:29 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257230
|
- |
|
tallemu
|
online_armor_personal_firewall_av\+
personal_firewall
|
The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Armor Personal Firewall AV+ before 3.5.0.12, and Personal Firewall 3.5 before 3.5.0.14, allows local users to gain privileges via cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2450
|
2017-09-19 10:29 |
2009-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
