|
294711
|
- |
|
sun
|
opensolaris
solaris
|
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function …
|
NVD-CWE-noinfo
|
CVE-2009-2912
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294712
|
- |
|
imtoo
|
mpeg_encoder
|
Stack-based buffer overflow in ImTOO MPEG Encoder 3.1.53 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted string in a (1) .cue or (2) .m3u…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2917
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294713
|
- |
|
elvinbts
|
elvinbts
|
Multiple cross-site scripting (XSS) vulnerabilities in Elvin 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) component and (2) priority parameters to buglist.php; and …
|
CWE-79
Cross-site Scripting
|
CVE-2009-2920
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294714
|
- |
|
mocdesigns
|
php_news
|
Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP News 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) newsuser parameter (User field) and (2) newspasswo…
|
CWE-89
SQL Injection
|
CVE-2009-2921
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294715
|
- |
|
bitmixsoft
|
php-lance
|
Multiple directory traversal vulnerabilities in BitmixSoft PHP-Lance 1.52 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to show.php and (2) in parame…
|
CWE-22
Path Traversal
|
CVE-2009-2923
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294716
|
- |
|
videosbroadcastyourself
|
videos_broadcast_yourself
|
Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 allow remote attackers to execute arbitrary SQL commands via the (1) UploadID parameter to videoint.php, and possibly the (2) cat…
|
CWE-89
SQL Injection
|
CVE-2009-2924
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294717
|
- |
|
djcalendar
|
djcalendar
|
Directory traversal vulnerability in DJcalendar.cgi in DJCalendar allows remote attackers to read arbitrary files via a .. (dot dot) in the TEMPLATE parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2925
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294718
|
- |
|
phpcompet.free
|
php_competition_system
|
Multiple SQL injection vulnerabilities in PHP Competition System BETA 0.84 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) day parameter to show_matchs.php and (2) pa…
|
CWE-89
SQL Injection
|
CVE-2009-2926
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294719
|
- |
|
digitalspinners
|
ds_cms
|
SQL injection vulnerability in DetailFile.php in DigitalSpinners DS CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the nFileId parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2927
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294720
|
- |
|
tgs-cms
|
tgs_content_management
|
Cross-site scripting (XSS) vulnerability in login.php in TGS Content Management 0.x allows remote attackers to inject arbitrary web script or HTML via the previous_page parameter, a different vector …
|
CWE-79
Cross-site Scripting
|
CVE-2009-2928
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
