|
262891
|
- |
|
corephp
|
com_jphoto
|
SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-4598
|
2017-08-17 10:31 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262892
|
- |
|
joomshark
|
com_jsjobs
|
Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_…
|
CWE-89
SQL Injection
|
CVE-2009-4599
|
2017-08-17 10:31 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262893
|
- |
|
netartmedia
|
media_real_estate_portal
|
SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Email parameter (aka the username …
|
CWE-89
SQL Injection
|
CVE-2009-4600
|
2017-08-17 10:31 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262894
|
- |
|
fernando_soares
|
com_mamboleto
|
PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) component 2.0 RC3 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL…
|
CWE-94
Code Injection
|
CVE-2009-4604
|
2017-08-17 10:31 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262895
|
- |
|
accellion
|
secure_file_transfer_appliance
|
Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping c…
|
CWE-78
OS Command
|
CVE-2009-4644
|
2017-08-17 10:31 |
2010-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262896
|
- |
|
accellion
|
secure_file_transfer_appliance
|
Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the la…
|
CWE-22
Path Traversal
|
CVE-2009-4645
|
2017-08-17 10:31 |
2010-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262897
|
- |
|
accellion
|
secure_file_transfer_appliance
|
Cross-site scripting (XSS) vulnerability in Accellion Secure File Transfer Appliance before 7_0_296 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4647
|
2017-08-17 10:31 |
2010-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262898
|
- |
|
accellion
|
secure_file_transfer_appliance
|
Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4648
|
2017-08-17 10:31 |
2010-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262899
|
- |
|
geccbblite
|
geccbblite
|
Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php,…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4649
|
2017-08-17 10:31 |
2010-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262900
|
- |
|
novell
|
edirectory
|
The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
|
CWE-310
Cryptographic Issues
|
CVE-2009-4655
|
2017-08-17 10:31 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
