|
294091
|
- |
|
andrews-web
|
aw-bannerad
|
Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-Web (A-W) BannerAd 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. NOTE…
|
CWE-89
SQL Injection
|
CVE-2009-4721
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294092
|
- |
|
limny
|
limny
|
SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the us…
|
CWE-89
SQL Injection
|
CVE-2009-4722
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294093
|
- |
|
netpet
|
netpet_cms
|
Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4723
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294094
|
- |
|
paymentprocessorscript
|
ppscript
|
SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4724
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294095
|
- |
|
arabportal
|
arab_portal
|
Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to in…
|
CWE-22
Path Traversal
|
CVE-2009-4725
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294096
|
- |
|
olivier_michaud_pierre-yves
|
quickdev4php
|
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4726
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294097
|
- |
|
junglescripts
|
ajax_short_url_script
|
SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4727
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294098
|
- |
|
questions_answered
|
questions_answered
|
SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these detail…
|
CWE-89
SQL Injection
|
CVE-2009-4728
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294099
|
- |
|
x10media
|
adult_script
|
Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media Script 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) pic_id parameter to includes/video_ad.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4729
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294100
|
- |
|
x10media
|
adult_script
|
SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4730
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
