|
260341
|
- |
|
pear
|
pear
|
Argument injection vulnerability in the ping function in Ping.php in the Net_Ping package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NO…
|
CWE-94
Code Injection
|
CVE-2009-4024
|
2017-08-17 10:31 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260342
|
- |
|
pear
|
pear
|
Argument injection vulnerability in the traceroute function in Traceroute.php in the Net_Traceroute package before 0.21.2 for PEAR allows remote attackers to execute arbitrary shell commands via the …
|
CWE-78
OS Command
|
CVE-2009-4025
|
2017-08-17 10:31 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260343
|
- |
|
marek_sotak
|
rootcandy
|
Cross-site scripting (XSS) vulnerability in the RootCandy theme 6.x before 6.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4042
|
2017-08-17 10:31 |
2009-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260344
|
- |
|
patrick_przybilla
|
addtoany
|
Cross-site scripting (XSS) vulnerability in the AddToAny module 5.x before 5.x-2.4 and 6.x before 6.x-2.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4043
|
2017-08-17 10:31 |
2009-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260345
|
- |
|
bruno_massa
|
web_services
|
The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4044
|
2017-08-17 10:31 |
2009-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260346
|
- |
|
ibm
|
rational_application_developer_for_websphere
rational_software_architect
|
Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect befo…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4052
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260347
|
- |
|
inertialfate
|
com_if_nexus
|
SQL injection vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an item a…
|
CWE-89
SQL Injection
|
CVE-2009-4057
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260348
|
- |
|
telebidauctionscript
|
telebid_auction_script
|
SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote attackers to execute arbitrary SQL commands via the aid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4058
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260349
|
- |
|
.joomclan
|
com_joomclip
|
SQL injection vulnerability in the JoomClip (com_joomclip) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a thumbs action to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-4059
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260350
|
- |
|
cubecart
|
cubecart
|
SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart before 4.3.7 remote attackers to execute arbitrary SQL commands via the productId parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4060
|
2017-08-17 10:31 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
