|
263201
|
- |
|
coreftp
|
core_ftp
|
Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3484
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263202
|
- |
|
ron_jerome
|
bibliography
|
Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for Drupal allows remote authenticated users, with certain content-creation privileges, to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3488
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263203
|
- |
|
zenas
|
paobacheca_guestbook
|
Multiple cross-site scripting (XSS) vulnerabilities in Zenas PaoBacheca Guestbook 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) scrivi.php and (2) index.p…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3493
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263204
|
- |
|
bpowerhouse
|
bpstudents
|
SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action.
|
CWE-89
SQL Injection
|
CVE-2009-3501
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263205
|
- |
|
vastal
|
mmorpg_zone
|
SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. NOTE: the game_id vector is already cov…
|
CWE-89
SQL Injection
|
CVE-2009-3505
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263206
|
- |
|
cj-design
|
cj_dynamic_poll
|
Cross-site scripting (XSS) vulnerability in admin/admin_index.php in CJ Dynamic Poll PRO 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3509
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263207
|
- |
|
phplemon
|
myweight
|
Multiple cross-site scripting (XSS) vulnerabilities in MyWeight 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to user_addfood.php, info parameter to (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3512
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263208
|
- |
|
pilotgroup
|
pg_etraining
|
Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG) eTraining allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to courses_login.php, the …
|
CWE-79
Cross-site Scripting
|
CVE-2009-3513
|
2017-08-17 10:31 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263209
|
- |
|
john_beranek
|
meeting_room_booking_system
|
SQL injection vulnerability in report.php in Meeting Room Booking System (MRBS) before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the typematch parameter. NOTE: some of thes…
|
CWE-89
SQL Injection
|
CVE-2009-3533
|
2017-08-17 10:31 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263210
|
- |
|
kneuro
|
littlesite.php
|
Directory traversal vulnerability in ls.php in LittleSite (aka LS or LittleSite.php) 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter …
|
CWE-22
Path Traversal
|
CVE-2009-3542
|
2017-08-17 10:31 |
2009-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
