|
258601
|
- |
|
viart
|
viart_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x allow remote attackers to inject arbitrary web script or HTML via the (1) category_id parameter to forums.php, or the forum_id par…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4547
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258602
|
- |
|
viart
|
viart_helpdesk
|
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote attackers to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4548
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258603
|
- |
|
k-factor
|
agoracart
|
Multiple cross-site request forgery (CSRF) vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for reques…
|
CWE-352
Origin Validation Error
|
CVE-2009-4555
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258604
|
- |
|
unleashedmind
|
img_assist
|
Cross-site scripting (XSS) vulnerability in the Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-0…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4557
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258605
|
- |
|
unleashedmind
|
img_assist
|
The Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-07-15, a module for Drupal, does not properly…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4558
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258606
|
- |
|
nanwich
|
submitted_by
|
Cross-site scripting (XSS) vulnerability in the Submitted By module 6.x before 6.x-1.3 for Drupal allows remote authenticated users, with "administer content types" privileges, to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4559
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258607
|
- |
|
zenphoto
|
zenphoto
|
SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this informatio…
|
CWE-89
SQL Injection
|
CVE-2009-4566
|
2017-08-17 10:31 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258608
|
- |
|
viscacha
|
viscacha
|
Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php in Viscacha 0.8 Gold allow remote authenticated users to inject arbitrary web script or HTML via the (1) skype, (2) yahoo, (3) a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4567
|
2017-08-17 10:31 |
2010-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258609
|
- |
|
elkagroup
|
image_gallery
|
SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/.
|
CWE-89
SQL Injection
|
CVE-2009-4569
|
2017-08-17 10:31 |
2010-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258610
|
- |
|
joomlabear
|
mod_joomulus
|
Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4573
|
2017-08-17 10:31 |
2010-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
