|
258161
|
- |
|
stivaforum
|
stiva_forum
|
Multiple cross-site scripting (XSS) vulnerabilities in Stiva Forum 1.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) demo.php and (2) forum.php, and the PA…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3204
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258162
|
- |
|
cbauthority
|
cbauthority
|
SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action.
|
CWE-89
SQL Injection
|
CVE-2009-3205
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258163
|
- |
|
drewish
|
imagecache
|
Multiple cross-site scripting (XSS) vulnerabilities in the ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, allow remote authenticated users, with "administer …
|
CWE-79
Cross-site Scripting
|
CVE-2009-3206
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258164
|
- |
|
drewish
|
imagecache
|
The ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, when the private file system is used, does not properly perform access control for derivative images, whic…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3207
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258165
|
- |
|
prakashatma_mishra
|
phpfreebb
|
Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-3208
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258166
|
- |
|
raizlabs
|
php_email_manager
|
SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-3209
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258167
|
- |
|
joao_ventura
|
print
|
Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.8 and 6.x before 6.x-1.8, a module for Drupal, allow remote authenticat…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3210
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258168
|
- |
|
dimofinf
|
infinity_script
|
Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir…
|
CWE-22
Path Traversal
|
CVE-2009-3211
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258169
|
- |
|
dimofinf
|
infinity_script
|
SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field.
|
CWE-89
SQL Injection
|
CVE-2009-3212
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258170
|
- |
|
broid
|
broid
|
Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .mp3 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3213
|
2017-08-17 10:31 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
