|
294491
|
- |
|
x10media
|
adult_script
|
Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media Script 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) pic_id parameter to includes/video_ad.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4729
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294492
|
- |
|
x10media
|
adult_script
|
SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4730
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294493
|
- |
|
technotoad
|
tt_web_site_manager
|
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2009-4732
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294494
|
- |
|
supercrackmunkey
|
simpleloginsys
|
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: som…
|
CWE-89
SQL Injection
|
CVE-2009-4733
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294495
|
- |
|
allomani
|
movies_library
|
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
|
CWE-89
SQL Injection
|
CVE-2009-4734
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294496
|
- |
|
allomani
|
audio_\&_video_library
|
SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a logi…
|
CWE-89
SQL Injection
|
CVE-2009-4735
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294497
|
- |
|
skadate
|
skadate_online_dating_software
|
PHP remote file inclusion vulnerability in index.php in SkaDate Dating allows remote attackers to execute arbitrary PHP code via a URL in the language_id parameter. NOTE: this can also be leveraged …
|
CWE-94
Code Injection
|
CVE-2009-4739
|
2017-09-19 10:30 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294498
|
- |
|
andrew_charlton
|
my_category_order
|
SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter i…
|
CWE-89
SQL Injection
|
CVE-2009-4748
|
2017-09-19 10:30 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294499
|
- |
|
phplivesupport
|
php_live\!
|
Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 allow remote attackers to execute arbitrary SQL commands via the x parameter to (1) message_box.php and (2) request.php.
|
CWE-89
SQL Injection
|
CVE-2009-4749
|
2017-09-19 10:30 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294500
|
- |
|
mercuryaudio
|
audio_player
|
Stack-based buffer overflow in Mercury Audio Player 1.21 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4754
|
2017-09-19 10:30 |
2010-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
