|
258201
|
- |
|
vastal
|
mmorpg_zone
|
SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. NOTE: the game_id vector is already cov…
|
CWE-89
SQL Injection
|
CVE-2009-3505
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258202
|
- |
|
cj-design
|
cj_dynamic_poll
|
Cross-site scripting (XSS) vulnerability in admin/admin_index.php in CJ Dynamic Poll PRO 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3509
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258203
|
- |
|
phplemon
|
myweight
|
Multiple cross-site scripting (XSS) vulnerabilities in MyWeight 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to user_addfood.php, info parameter to (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3512
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258204
|
- |
|
pilotgroup
|
pg_etraining
|
Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG) eTraining allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to courses_login.php, the …
|
CWE-79
Cross-site Scripting
|
CVE-2009-3513
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258205
|
- |
|
john_beranek
|
meeting_room_booking_system
|
SQL injection vulnerability in report.php in Meeting Room Booking System (MRBS) before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the typematch parameter. NOTE: some of thes…
|
CWE-89
SQL Injection
|
CVE-2009-3533
|
2017-08-17 10:31 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258206
|
- |
|
kneuro
|
littlesite.php
|
Directory traversal vulnerability in ls.php in LittleSite (aka LS or LittleSite.php) 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter …
|
CWE-22
Path Traversal
|
CVE-2009-3542
|
2017-08-17 10:31 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258207
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twi…
|
CWE-200
Information Exposure
|
CVE-2009-3554
|
2017-08-17 10:31 |
2009-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258208
|
- |
|
kayako
|
esupport
supportsuite
|
Cross-site scripting (XSS) vulnerability in modules/tickets/functions_ticketsui.php in Kayako SupportSuite and eSupport 3.60.04 and earlier allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3567
|
2017-08-17 10:31 |
2009-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258209
|
- |
|
bestpractical
|
rt
|
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting…
|
CWE-287
Improper Authentication
|
CVE-2009-3585
|
2017-08-17 10:31 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258210
|
- |
|
qtmsoft
|
x-cart
|
Cross-site scripting (XSS) vulnerability in customer/home.php in Qualiteam X-Cart allows remote attackers to inject arbitrary web script or HTML via the email parameter in a subscribed action, a diff…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3592
|
2017-08-17 10:31 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
