258361
|
- |
|
corel
|
paint_shop_pro
|
Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the sam…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4251
|
2017-08-17 10:31 |
2009-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258362
|
- |
|
phpee
|
pphlogger
|
Cross-site scripting (XSS) vulnerability in dspStats.php in PowerPhlogger 2.2.5 allows remote attackers to inject arbitrary web script or HTML via the edit parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4253
|
2017-08-17 10:31 |
2009-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258363
|
- |
|
phpee
|
pphlogger
|
PowerPhlogger 2.2.5 allows remote attackers to obtain sensitive information via a direct request to (1) edCss.inc.php, (2) foot.inc.php, (3) get_csscolors.inc.php, (4) head.inc.php, (5) head_stuff.in…
|
CWE-200
Information Exposure
|
CVE-2009-4254
|
2017-08-17 10:31 |
2009-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258364
|
- |
|
youjoomla
|
you\!hostit\!
|
Cross-site scripting (XSS) vulnerability in the You!Hostit! template 1.0.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the created_by_alias parameter in index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4255
|
2017-08-17 10:31 |
2009-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258365
|
- |
|
truesolution
|
alefmentor
|
Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 and 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) cont_id and (2) courc_id parameters in a pregled ac…
|
CWE-89
SQL Injection
|
CVE-2009-4256
|
2017-08-17 10:31 |
2009-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258366
|
- |
|
haroldbakker
|
hb-ns
|
Harold Bakker's NewsScript (HB-NS) 1.3 allows remote attackers to obtain access to the admin control panel via a direct request to admin.php.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4262
|
2017-08-17 10:31 |
2009-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258367
|
- |
|
ptcpay
|
gen3
|
SQL injection vulnerability in main_forum.php in PTCPay GeN3 forum 1.3 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4263
|
2017-08-17 10:31 |
2009-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258368
|
- |
|
yabsoft
|
advanced_image_hosting_script
|
Cross-site scripting (XSS) vulnerability in search.php in YABSoft Advanced Image Hosting (AIH) Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the tex…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4266
|
2017-08-17 10:31 |
2009-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258369
|
- |
|
iij
|
seil\/x1_firmware seil\/x1 seil\/b1_firmware seil\/b1 seil\/x2_firmware seil\/x2
|
Buffer overflow in the URL filtering function in Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.40 through 2.51 allows remote attackers to execute arbitrary code via unspecified v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4292
|
2017-08-17 10:31 |
2009-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258370
|
- |
|
iij
|
seil\/x1_firmware seil\/x1 seil\/b1_firmware seil\/b1 seil\/x2_firmware seil\/x2
|
Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.30 through 2.51, when NAT is enabled, allows remote attackers to cause a denial of service (system restart) via crafted GRE packets.
|
CWE-16
Configuration
|
CVE-2009-4293
|
2017-08-17 10:31 |
2009-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|