|
294251
|
- |
|
demarque
|
typing_pal
|
SQL injection vulnerability in demo.php in Typing Pal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idTableProduit parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4860
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294252
|
- |
|
abushhab
|
alwasel
|
Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) show.php and (2) xml.php.
|
CWE-89
SQL Injection
|
CVE-2009-4862
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294253
|
- |
|
ultraplayer
|
ultraplayer_media_player
|
Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4863
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294254
|
- |
|
tony_million
|
tuniac
|
Buffer overflow in Tuniac 090517c allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long URL in a .m3u playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4867
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294255
|
- |
|
phpcityportal
|
phpcityportal
|
Multiple SQL injection vulnerabilities in login.php in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the (1) req_username (aka Username) and (2) req_password (aka Passwor…
|
CWE-89
SQL Injection
|
CVE-2009-4870
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294256
|
- |
|
logoshows
|
logoshows_bbs
|
SQL injection vulnerability in globepersonnel_forum.asp in Logoshows BBS 2.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4871
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294257
|
- |
|
logoshows
|
logoshows_bbs
|
Multiple SQL injection vulnerabilities in globepersonnel_login.asp in Logoshows BBS 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
|
CWE-89
SQL Injection
|
CVE-2009-4872
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294258
|
- |
|
scripts.oldguy
|
talkback
|
TalkBack 2.3.14 does not properly restrict access to the edit comment feature (comments.php), which allows remote attackers to modify comments.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4874
|
2017-09-19 10:30 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294259
|
- |
|
netrix
|
netrix_cms
|
admin/cikkform.php in Netrix CMS 1.0 allows remote attackers to modify arbitrary pages via a direct request using the cid parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4876
|
2017-09-19 10:30 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294260
|
- |
|
todd_rogers
|
phprecipebook
|
SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action.
|
CWE-89
SQL Injection
|
CVE-2009-4883
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
