|
294171
|
- |
|
nicecoder
|
idesk
|
SQL injection vulnerability in download.php in Nicecoder iDesk allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2005-3843.
|
CWE-89
SQL Injection
|
CVE-2009-4624
|
2017-09-19 10:30 |
2010-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294172
|
- |
|
tamlyncreative
|
com_bfsurvey_profree
|
SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a componen…
|
CWE-89
SQL Injection
|
CVE-2009-4625
|
2017-09-19 10:30 |
2010-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294173
|
- |
|
phpnagios
|
phpnagios
|
Directory traversal vulnerability in menu.php in phpNagios 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the conf[lang] parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4626
|
2017-09-19 10:30 |
2010-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294174
|
- |
|
dan_brown
|
moa_gallery
|
Directory traversal vulnerability in sources/_template_parser.php in Moa Gallery 1.2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the p_filename parameter, a di…
|
CWE-22
Path Traversal
|
CVE-2009-4627
|
2017-09-19 10:30 |
2010-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294175
|
- |
|
templateplaza
|
com_tpdugg
|
SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to i…
|
CWE-89
SQL Injection
|
CVE-2009-4628
|
2017-09-19 10:30 |
2010-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294176
|
- |
|
e-soft.co
|
dj_studio_pro
|
Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2.2.7.5, and 5.x including 5.1.4.3.1, allows user-assisted remote attackers to cause a denial of service (application crash) and po…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4656
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294177
|
- |
|
omidrouhani
|
xerver
|
The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated …
|
CWE-287
Improper Authentication
|
CVE-2009-4657
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294178
|
- |
|
omidrouhani
|
xerver
|
Xerver 4.32 allows remote authenticated users to cause a denial of service (daemon crash) via a non-numeric web port assignment in the management interface. NOTE: this can be leveraged by non-authen…
|
CWE-20
Improper Input Validation
|
CVE-2009-4658
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294179
|
- |
|
mp3-cutter
|
ease_audio_cutter
|
Unspecified vulnerability in MP3-Cutter Ease Audio Cutter 1.20 allows user-assisted remote attackers to cause a denial of service (application crash) via a long string in a WAV file.
|
NVD-CWE-noinfo
|
CVE-2009-4659
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294180
|
- |
|
bigantsoft
|
bigant_messenger
|
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4660
|
2017-09-19 10:30 |
2010-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
