|
294191
|
- |
|
mole-group
|
bus_ticket_script
sky_hunter_airline_ticket_sale_script
|
admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
|
CWE-255
Credentials Management
|
CVE-2009-4674
|
2017-09-19 10:30 |
2010-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294192
|
- |
|
mole-group
|
gastro_portal_\(restaurant_directory\)_script
|
admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via…
|
CWE-287
Improper Authentication
|
CVE-2009-4675
|
2017-09-19 10:30 |
2010-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294193
|
- |
|
phpdirectorysource
|
phpdirectorysource
|
SQL injection vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to execute arbitrary SQL commands via the st parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4680
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294194
|
- |
|
phpdirectorysource
|
phpdirectorysource
|
Cross-site scripting (XSS) vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to inject arbitrary web script or HTML via the st parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4681
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294195
|
- |
|
scriptsez
|
good\/bad_vote
|
Cross-site scripting (XSS) vulnerability in vote.php in Good/Bad Vote allows remote attackers to inject arbitrary web script or HTML via the id parameter in a vote action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4682
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294196
|
- |
|
scriptsez
|
good\/bad_vote
|
Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote a…
|
CWE-22
Path Traversal
|
CVE-2009-4683
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294197
|
- |
|
hypersilence
|
silentum_guestbook
|
SQL injection vulnerability in silentum_guestbook.php in Silentum Guestbook 2.0.2 allows remote attackers to execute arbitrary SQL commands via the messageid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4687
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294198
|
- |
|
radscripts
|
radlance
|
Cross-site scripting (XSS) vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to inject arbitrary web script or HTML via the pr parameter in a ulist action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4692
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294199
|
- |
|
grafxsoftware
|
minicwb
|
Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to execute arbitrary PHP code via a URL in the LANG parameter to (1) en.inc.php, (2) hu.inc.php, (3) n…
|
CWE-94
Code Injection
|
CVE-2009-4693
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294200
|
- |
|
radscripts
|
radlance
|
SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action.
|
CWE-89
SQL Injection
|
CVE-2009-4695
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
