|
294211
|
- |
|
arabportal
|
arab_portal
|
Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to in…
|
CWE-22
Path Traversal
|
CVE-2009-4725
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294212
|
- |
|
olivier_michaud_pierre-yves
|
quickdev4php
|
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4726
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294213
|
- |
|
junglescripts
|
ajax_short_url_script
|
SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4727
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294214
|
- |
|
questions_answered
|
questions_answered
|
SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these detail…
|
CWE-89
SQL Injection
|
CVE-2009-4728
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294215
|
- |
|
x10media
|
adult_script
|
Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media Script 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) pic_id parameter to includes/video_ad.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4729
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294216
|
- |
|
x10media
|
adult_script
|
SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4730
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294217
|
- |
|
technotoad
|
tt_web_site_manager
|
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2009-4732
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294218
|
- |
|
supercrackmunkey
|
simpleloginsys
|
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: som…
|
CWE-89
SQL Injection
|
CVE-2009-4733
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294219
|
- |
|
allomani
|
movies_library
|
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
|
CWE-89
SQL Injection
|
CVE-2009-4734
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294220
|
- |
|
allomani
|
audio_\&_video_library
|
SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a logi…
|
CWE-89
SQL Injection
|
CVE-2009-4735
|
2017-09-19 10:30 |
2010-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
