|
294571
|
- |
|
bow_der_kleine
|
x-blc
|
SQL injection vulnerability in include/get_read.php in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2310
|
2017-09-19 10:29 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294572
|
- |
|
selbstzweck
|
rgallery_plugin
|
SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery…
|
CWE-89
SQL Injection
|
CVE-2009-2311
|
2017-09-19 10:29 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294573
|
- |
|
jinzora
|
jinzora
|
Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2313
|
2017-09-19 10:29 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294574
|
- |
|
clicknet
|
clicknet_cms
|
Directory traversal vulnerability in index.php in Clicknet CMS 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the side parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2325
|
2017-09-19 10:29 |
2009-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294575
|
- |
|
max_kervin
|
kervinet_forum
|
Multiple SQL injection vulnerabilities in KerviNet Forum 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) an enter_parol cookie to index.php in an auto action or (2) t…
|
CWE-89
SQL Injection
|
CVE-2009-2326
|
2017-09-19 10:29 |
2009-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294576
|
- |
|
max_kervin
|
kervinet_forum
|
Cross-site scripting (XSS) vulnerability in add_voting.php in KerviNet Forum 1.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the v_variant1 parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2327
|
2017-09-19 10:29 |
2009-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294577
|
- |
|
max_kervin
|
kervinet_forum
|
admin/edit_user.php in KerviNet Forum 1.1 and earlier does not require administrative authentication, which allows remote attackers to delete arbitrary accounts and conduct SQL injection attacks via …
|
CWE-287
Improper Authentication
|
CVE-2009-2328
|
2017-09-19 10:29 |
2009-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294578
|
- |
|
max_kervin
|
kervinet_forum
|
KerviNet Forum 1.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) admin/head.php, or (2) voting_diagram.php, (3) voting.php, (4) topics_search.php, (5…
|
CWE-200
Information Exposure
|
CVE-2009-2329
|
2017-09-19 10:29 |
2009-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294579
|
- |
|
cms.tut.su
|
cms_chainuk
|
Cross-site scripting (XSS) vulnerability in admin/admin_menu.php in CMS Chainuk 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the menu parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2330
|
2017-09-19 10:29 |
2009-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294580
|
- |
|
cms.tut.su
|
cms_chainuk
|
Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code (1) into settings.php via the menu parameter to admin_settings.php or…
|
CWE-94
Code Injection
|
CVE-2009-2331
|
2017-09-19 10:29 |
2009-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
