|
260521
|
- |
|
isolsoft
|
support_center
|
Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4542
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260522
|
- |
|
cromosoft
|
facil_helpdesk
|
PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to execute arbitrary PHP code via a URL in the lng parameter. NOTE: thi…
|
CWE-94
Code Injection
|
CVE-2009-4543
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260523
|
- |
|
cromosoft
|
facil_helpdesk
|
Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4544
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260524
|
- |
|
logoshows
|
logoshows_bbs
|
Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/globepersonn…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4545
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260525
|
- |
|
logoshows
|
logoshows_bbs
|
globepersonnel_login.asp in Logoshows BBS 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies.
|
CWE-20
Improper Input Validation
|
CVE-2009-4546
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260526
|
- |
|
cdmi
|
a2_media_player_pro
|
Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .m3l playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4549
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260527
|
- |
|
kunena
|
kunena_forum
|
SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-4550
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260528
|
- |
|
intesync
|
miniweb
|
SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaign_id parameter in a results action to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-4551
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260529
|
- |
|
intesync
|
miniweb
|
Cross-site scripting (XSS) vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4552
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260530
|
- |
|
rjvmedia
|
irehearse
|
Stack-based buffer overflow in iRehearse allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a .m3u playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4553
|
2017-09-19 10:29 |
2010-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
