|
259261
|
- |
|
fustrate
|
member_awards
|
SQL injection vulnerability in the awardsMembers function in Sources/Profile.php in the Member Awards component 1.0.2 for Simple Machines Forum (SMF) allows remote attackers to execute arbitrary SQL …
|
CWE-89
SQL Injection
|
CVE-2009-2385
|
2017-09-19 10:29 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259262
|
- |
|
usolved
|
newsolved
|
Multiple SQL injection vulnerabilities in newsscript.php in USOLVED NEWSolved 1.1.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) jahr or (2…
|
CWE-89
SQL Injection
|
CVE-2009-2389
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259263
|
- |
|
f-cimag-in
|
com_bookflip
|
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-2390
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259264
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
Cross-site scripting (XSS) vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to inject arbitrary web script or HTML via the tid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2391
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259265
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2392
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259266
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
admin/index.php in Virtuenetz Virtue Online Test Generator does not require administrative privileges, which allows remote authenticated users to have an unknown impact via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2393
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259267
|
- |
|
smspages
|
smspages
|
SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2394
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259268
|
- |
|
joomlaworks
|
com_k2
|
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action …
|
CWE-89
SQL Injection
|
CVE-2009-2395
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259269
|
- |
|
dutchmonkey
|
dm_album
|
PHP remote file inclusion vulnerability in template/album.php in DM Albums 1.9.2, as used standalone or as a WordPress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the S…
|
CWE-94
Code Injection
|
CVE-2009-2396
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259270
|
- |
|
audioarticledirectory
|
audio_article_directory
|
Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2397
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
