|
260251
|
- |
|
marek_sotak
|
rootcandy
|
Cross-site scripting (XSS) vulnerability in the RootCandy theme 6.x before 6.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4042
|
2017-08-17 10:31 |
2009-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260252
|
- |
|
patrick_przybilla
|
addtoany
|
Cross-site scripting (XSS) vulnerability in the AddToAny module 5.x before 5.x-2.4 and 6.x before 6.x-2.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4043
|
2017-08-17 10:31 |
2009-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260253
|
- |
|
bruno_massa
|
web_services
|
The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4044
|
2017-08-17 10:31 |
2009-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260254
|
- |
|
ibm
|
rational_application_developer_for_websphere
rational_software_architect
|
Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect befo…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4052
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260255
|
- |
|
inertialfate
|
com_if_nexus
|
SQL injection vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an item a…
|
CWE-89
SQL Injection
|
CVE-2009-4057
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260256
|
- |
|
telebidauctionscript
|
telebid_auction_script
|
SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote attackers to execute arbitrary SQL commands via the aid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4058
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260257
|
- |
|
.joomclan
|
com_joomclip
|
SQL injection vulnerability in the JoomClip (com_joomclip) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a thumbs action to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-4059
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260258
|
- |
|
cubecart
|
cubecart
|
SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart before 4.3.7 remote attackers to execute arbitrary SQL commands via the productId parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4060
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260259
|
- |
|
yuriy_babenko
|
agreement_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Agreement module 6.x before 6.x-1.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4061
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260260
|
- |
|
anon-design
|
printfriendly
|
Multiple cross-site scripting (XSS) vulnerabilities in the Printfriendly module 6.x before 6.x-1.6 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4062
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
