|
261261
|
- |
|
uiga
|
church_portal
|
SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the month parameter in a calendar action. NOTE: the provenance of this in…
|
CWE-89
SQL Injection
|
CVE-2009-3081
|
2017-08-17 10:31 |
2009-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261262
|
- |
|
zmanda
|
zrm_for_my_sql
|
The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_B…
|
CWE-20
Improper Input Validation
|
CVE-2009-3102
|
2017-08-17 10:31 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261263
|
- |
|
symantec
|
antivirus
client_security
norton_antivirus
norton_internet_security
|
Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 befor…
|
CWE-399
Resource Management Errors
|
CVE-2009-3104
|
2017-08-17 10:31 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261264
|
- |
|
ibm
|
domino_web_access
|
Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecif…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3105
|
2017-08-17 10:31 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261265
|
- |
|
ibm
|
websphere_application_server
|
The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.37 does not properly implement security constraints on the (1) doGet and (2) doTrace methods, w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3106
|
2017-08-17 10:31 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261266
|
- |
|
chris_shattuck
|
ajaxtable
|
Cross-site scripting (XSS) vulnerability in the Ajax Table module 5.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3121
|
2017-08-17 10:31 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261267
|
- |
|
chris_shattuck
|
ajaxtable
|
The Ajax Table module 5.x for Drupal does not perform access control, which allows remote attackers to delete arbitrary users and nodes via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3122
|
2017-08-17 10:31 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261268
|
- |
|
visavi
|
wap-motor
|
Directory traversal vulnerability in gallery/gallery.php in Wap-Motor before 18.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the image parameter.
|
CWE-22
Path Traversal
|
CVE-2009-3123
|
2017-08-17 10:31 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261269
|
- |
|
articlefriend
|
articlefriend_script
|
Cross-site scripting (XSS) vulnerability in search_advance.php in ArticleFriend Script allows remote attackers to inject arbitrary web script or HTML via the SearchWd parameter. NOTE: the provenance…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3146
|
2017-08-17 10:31 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261270
|
- |
|
nt
|
bbs_e-market
|
Multiple cross-site scripting (XSS) vulnerabilities in becommunity/community/index.php in NTSOFT BBS E-Market Professional allow remote attackers to inject arbitrary web script or HTML via the (1) pa…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3152
|
2017-08-17 10:31 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
