|
346761
|
- |
|
mole-group
|
gastro_portal_\(restaurant_directory\)_script
|
admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via…
|
CWE-287
Improper Authentication
|
CVE-2009-4675
|
2017-09-19 10:30 |
2010-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346762
|
- |
|
phpdirectorysource
|
phpdirectorysource
|
SQL injection vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to execute arbitrary SQL commands via the st parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4680
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346763
|
- |
|
phpdirectorysource
|
phpdirectorysource
|
Cross-site scripting (XSS) vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to inject arbitrary web script or HTML via the st parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4681
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346764
|
- |
|
scriptsez
|
good\/bad_vote
|
Cross-site scripting (XSS) vulnerability in vote.php in Good/Bad Vote allows remote attackers to inject arbitrary web script or HTML via the id parameter in a vote action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4682
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346765
|
- |
|
scriptsez
|
good\/bad_vote
|
Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote a…
|
CWE-22
Path Traversal
|
CVE-2009-4683
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346766
|
- |
|
hypersilence
|
silentum_guestbook
|
SQL injection vulnerability in silentum_guestbook.php in Silentum Guestbook 2.0.2 allows remote attackers to execute arbitrary SQL commands via the messageid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4687
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346767
|
- |
|
radscripts
|
radlance
|
Cross-site scripting (XSS) vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to inject arbitrary web script or HTML via the pr parameter in a ulist action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4692
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346768
|
- |
|
grafxsoftware
|
minicwb
|
Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to execute arbitrary PHP code via a URL in the LANG parameter to (1) en.inc.php, (2) hu.inc.php, (3) n…
|
CWE-94
Code Injection
|
CVE-2009-4693
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346769
|
- |
|
radscripts
|
radlance
|
SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action.
|
CWE-89
SQL Injection
|
CVE-2009-4695
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346770
|
- |
|
radscripts
|
radnics
|
SQL injection vulnerability in index.php in RadNICS Gold 5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action.
|
CWE-89
SQL Injection
|
CVE-2009-4696
|
2017-09-19 10:30 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
