|
259171
|
- |
|
f-cimag-in
|
com_bookflip
|
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-2390
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259172
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
Cross-site scripting (XSS) vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to inject arbitrary web script or HTML via the tid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2391
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259173
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2392
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259174
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
admin/index.php in Virtuenetz Virtue Online Test Generator does not require administrative privileges, which allows remote authenticated users to have an unknown impact via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2393
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259175
|
- |
|
smspages
|
smspages
|
SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2394
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259176
|
- |
|
joomlaworks
|
com_k2
|
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action …
|
CWE-89
SQL Injection
|
CVE-2009-2395
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259177
|
- |
|
dutchmonkey
|
dm_album
|
PHP remote file inclusion vulnerability in template/album.php in DM Albums 1.9.2, as used standalone or as a WordPress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the S…
|
CWE-94
Code Injection
|
CVE-2009-2396
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259178
|
- |
|
audioarticledirectory
|
audio_article_directory
|
Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2397
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259179
|
- |
|
php-sugar
|
php-sugar
|
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2398
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259180
|
- |
|
dutchmonkey
|
dm_filemanager
|
PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in t…
|
CWE-94
Code Injection
|
CVE-2009-2399
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
