|
259211
|
- |
|
blabsoft
|
bopup_communication_server
|
Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.26.5460 allows remote attackers to execute arbitrary code via a crafted request to TCP port 19810.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2227
|
2017-09-19 10:29 |
2009-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259212
|
- |
|
kasseler-cms
|
kasseler_cms
|
Cross-site scripting (XSS) vulnerability in engine.php in Kasseler CMS allows remote attackers to inject arbitrary web script or HTML via the url parameter in a redirect action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2228
|
2017-09-19 10:29 |
2009-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259213
|
- |
|
kasseler-cms
|
kasseler_cms
|
Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 lite allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter during a download action, a differe…
|
CWE-22
Path Traversal
|
CVE-2009-2229
|
2017-09-19 10:29 |
2009-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259214
|
- |
|
mybulletinboard
|
mybulletinboard
|
SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) before 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy paramet…
|
CWE-89
SQL Injection
|
CVE-2009-2230
|
2017-09-19 10:29 |
2009-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259215
|
- |
|
mid.as
|
midas
|
MIDAS 1.43 allows remote attackers to bypass authentication and obtain administrative access via an admin account record in a MIDAS cookie.
|
CWE-287
Improper Authentication
|
CVE-2009-2231
|
2017-09-19 10:29 |
2009-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259216
|
- |
|
awscripts
|
gallery_search_engine
|
The admin interface in AWScripts.com Gallery Search Engine 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the awse_logged cookie to 1.
|
CWE-287
Improper Authentication
|
CVE-2009-2233
|
2017-09-19 10:29 |
2009-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259217
|
- |
|
vicidial
|
call_center_suite
|
Multiple SQL injection vulnerabilities in admin.php in VICIDIAL Call Center Suite 2.0.5-173 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter ($PHP_AUTH_USER) an…
|
CWE-89
SQL Injection
|
CVE-2009-2234
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259218
|
- |
|
yourarticlesdirectory
|
your_articles_directory
|
SQL injection vulnerability in page.php in Your Articles Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2235
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259219
|
- |
|
yourarticlesdirectory
|
your_articles_directory
|
SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote attackers to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details ar…
|
CWE-89
SQL Injection
|
CVE-2009-2236
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259220
|
- |
|
joomla
|
com_casiino_blackjack
com_casino_videopoker
com_casinobase
|
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows …
|
CWE-89
SQL Injection
|
CVE-2009-2239
|
2017-09-19 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
