258641
|
- |
|
tigerdms
|
tigerdms
|
Multiple SQL injection vulnerabilities in login.php in Tiger Document Management System (DMS) allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
|
CWE-89
SQL Injection
|
CVE-2009-1503
|
2017-09-29 10:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258642
|
- |
|
xigla
|
absolute_control_panel_xe
|
Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."
|
CWE-287
Improper Authentication
|
CVE-2009-1504
|
2017-09-29 10:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258643
|
- |
|
intelliants
|
elitius
|
SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to banner-details.php.
|
CWE-89
SQL Injection
|
CVE-2009-1506
|
2017-09-29 10:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258644
|
- |
|
keir_davis
|
x-forum
|
SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username param…
|
CWE-89
SQL Injection
|
CVE-2009-1508
|
2017-09-29 10:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258645
|
- |
|
myiosoft
|
ajaxportal
|
SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
CWE-89
SQL Injection
|
CVE-2009-1509
|
2017-09-29 10:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258646
|
- |
|
koschtit
|
koschtit_image_gallery
|
Multiple directory traversal vulnerabilities in KoschtIT Image Gallery 1.82 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the file parameter…
|
CWE-22
Path Traversal
|
CVE-2009-1510
|
2017-09-29 10:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258647
|
- |
|
microsoft
|
windows_xp
|
GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (infinite loop) via a PNG file that contains a certain large btChunkLen value.
|
CWE-399
Resource Management Errors
|
CVE-2009-1511
|
2017-09-29 10:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258648
|
- |
|
keir_davis
|
x-forum
|
Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php.
|
CWE-94
Code Injection
|
CVE-2009-1512
|
2017-09-29 10:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258649
|
- |
|
google
|
chrome
|
Google Chrome 1.0.154.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a throw statement with a long exception value.
|
CWE-399
Resource Management Errors
|
CVE-2009-1514
|
2017-09-29 10:34 |
2009-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258650
|
- |
|
icewarp
|
merak_mail_server
|
Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent attackers to execute arbitrary code via a large …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1516
|
2017-09-29 10:34 |
2009-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|