|
258821
|
- |
|
ditcms
|
dit.cms
|
Multiple directory traversal vulnerabilities in dit.cms 1.3, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path param…
|
CWE-22
Path Traversal
|
CVE-2009-2784
|
2017-09-19 10:29 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258822
|
- |
|
reputation
|
reputation
|
SQL injection vulnerability in reputation.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the poster parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2786
|
2017-09-19 10:29 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258823
|
- |
|
reputation
|
reputation
|
Directory traversal vulnerability in include/reputation/rep_profile.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB, when register_globals is enabled and magic_quotes_gpc is d…
|
CWE-22
Path Traversal
|
CVE-2009-2787
|
2017-09-19 10:29 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258824
|
- |
|
mobilelib
|
mobilelib_gold
|
Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow remote attackers to execute arbitrary SQL commands via the (1) adminName parameter to cp/auth.php, (2) cid parameter to artcat.php, an…
|
CWE-89
SQL Injection
|
CVE-2009-2788
|
2017-09-19 10:29 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258825
|
- |
|
webdynamite
|
projectbutler
|
PHP remote file inclusion vulnerability in pda_projects.php in WebDynamite ProjectButler 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the offset parameter.
|
CWE-94
Code Injection
|
CVE-2009-2791
|
2017-09-19 10:29 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258826
|
- |
|
joshua_oliver
|
really_simple_cms
|
Directory traversal vulnerability in plugings/pagecontent.php in Really Simple CMS (RSCMS) 0.3a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PT param…
|
CWE-22
Path Traversal
|
CVE-2009-2792
|
2017-09-19 10:29 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258827
|
- |
|
apple
|
itunes
|
Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2817
|
2017-09-19 10:29 |
2009-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258828
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2820
|
2017-09-19 10:29 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258829
|
- |
|
apple
|
mac_os_x
|
Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2837
|
2017-09-19 10:29 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258830
|
- |
|
apple
|
safari
|
Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site.
|
NVD-CWE-Other
|
CVE-2009-2842
|
2017-09-19 10:29 |
2009-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
