|
294601
|
- |
|
virtuenetz
|
virtue_online_test_generator
|
admin/index.php in Virtuenetz Virtue Online Test Generator does not require administrative privileges, which allows remote authenticated users to have an unknown impact via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2393
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294602
|
- |
|
smspages
|
smspages
|
SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2394
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294603
|
- |
|
joomlaworks
|
com_k2
|
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action …
|
CWE-89
SQL Injection
|
CVE-2009-2395
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294604
|
- |
|
dutchmonkey
|
dm_album
|
PHP remote file inclusion vulnerability in template/album.php in DM Albums 1.9.2, as used standalone or as a WordPress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the S…
|
CWE-94
Code Injection
|
CVE-2009-2396
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294605
|
- |
|
audioarticledirectory
|
audio_article_directory
|
Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2397
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294606
|
- |
|
php-sugar
|
php-sugar
|
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2398
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294607
|
- |
|
dutchmonkey
|
dm_filemanager
|
PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in t…
|
CWE-94
Code Injection
|
CVE-2009-2399
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294608
|
- |
|
fijiwebdesign
|
com_php
|
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-2400
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294609
|
- |
|
phpecho_cms
|
phpecho_cms
|
Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows remote attackers to inject arbitrary web script or HTML via a forum post.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2401
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294610
|
- |
|
phpecho_cms
|
phpecho_cms
|
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vect…
|
CWE-89
SQL Injection
|
CVE-2009-2402
|
2017-09-19 10:29 |
2009-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
