|
258651
|
- |
|
xpressengine
|
zeroboard
|
lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute arbitrary PHP code via a crafted parameter name, possibly related to now_connect.php.
|
CWE-94
Code Injection
|
CVE-2009-4834
|
2017-09-19 10:30 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258652
|
- |
|
moviephp
|
movie_php_script
|
Eval injection vulnerability in system/services/init.php in Movie PHP Script 2.0 allows remote attackers to execute arbitrary PHP code via the anticode parameter.
|
CWE-94
Code Injection
|
CVE-2009-4836
|
2017-09-19 10:30 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258653
|
- |
|
roxio
|
cineplayer
|
Heap-based buffer overflow in the IAManager ActiveX control in IAManager.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the SetIAPlayerName metho…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4840
|
2017-09-19 10:30 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258654
|
- |
|
roxio
|
cineplayer
|
Heap-based buffer overflow in the SonicMediaPlayer ActiveX control in SonicMediaPlayer.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the DiskTyp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4841
|
2017-09-19 10:30 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258655
|
- |
|
scripts.oldguy
|
talkback
|
addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter.
|
CWE-20
Improper Input Validation
|
CVE-2009-4854
|
2017-09-19 10:30 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258656
|
- |
|
demarque
|
typing_pal
|
SQL injection vulnerability in demo.php in Typing Pal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idTableProduit parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4860
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258657
|
- |
|
abushhab
|
alwasel
|
Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) show.php and (2) xml.php.
|
CWE-89
SQL Injection
|
CVE-2009-4862
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258658
|
- |
|
ultraplayer
|
ultraplayer_media_player
|
Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4863
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258659
|
- |
|
tony_million
|
tuniac
|
Buffer overflow in Tuniac 090517c allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long URL in a .m3u playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4867
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258660
|
- |
|
phpcityportal
|
phpcityportal
|
Multiple SQL injection vulnerabilities in login.php in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the (1) req_username (aka Username) and (2) req_password (aka Passwor…
|
CWE-89
SQL Injection
|
CVE-2009-4870
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
