|
294021
|
- |
|
videosbroadcastyourself
|
videos_broadcast_yourself
|
Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 allow remote attackers to execute arbitrary SQL commands via the (1) UploadID parameter to videoint.php, and possibly the (2) cat…
|
CWE-89
SQL Injection
|
CVE-2009-2924
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294022
|
- |
|
djcalendar
|
djcalendar
|
Directory traversal vulnerability in DJcalendar.cgi in DJCalendar allows remote attackers to read arbitrary files via a .. (dot dot) in the TEMPLATE parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2925
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294023
|
- |
|
phpcompet.free
|
php_competition_system
|
Multiple SQL injection vulnerabilities in PHP Competition System BETA 0.84 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) day parameter to show_matchs.php and (2) pa…
|
CWE-89
SQL Injection
|
CVE-2009-2926
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294024
|
- |
|
digitalspinners
|
ds_cms
|
SQL injection vulnerability in DetailFile.php in DigitalSpinners DS CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the nFileId parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2927
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294025
|
- |
|
tgs-cms
|
tgs_content_management
|
Cross-site scripting (XSS) vulnerability in login.php in TGS Content Management 0.x allows remote attackers to inject arbitrary web script or HTML via the previous_page parameter, a different vector …
|
CWE-79
Cross-site Scripting
|
CVE-2009-2928
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294026
|
- |
|
tgs-cms
|
tgs_content_management
|
Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the (1) tgs_language_id, (2) tpl_dir, (3) referer, (4) user-agent, (5…
|
CWE-89
SQL Injection
|
CVE-2009-2929
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294027
|
- |
|
programmedintegration
|
pipl
|
Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlis…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2934
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294028
|
- |
|
sun
|
opensolaris
solaris
|
Unspecified vulnerability in the pollwakeup function in Sun Solaris 10, and OpenSolaris before snv_51, allows local users to cause a denial of service (panic) via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-2952
|
2017-09-19 10:29 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294029
|
- |
|
thekelleys
|
dnsmasq
|
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a T…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2957
|
2017-09-19 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294030
|
- |
|
thekelleys
|
dnsmasq
|
The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP rea…
|
CWE-399
Resource Management Errors
|
CVE-2009-2958
|
2017-09-19 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
