|
345711
|
- |
|
wolfram
|
webmathematica
|
Cross-site scripting (XSS) vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4814
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345712
|
- |
|
andy_stedemos
|
the_uploader
|
Directory traversal vulnerability in api/download_checker.php in MegaLab The Uploader 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4816
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345713
|
- |
|
element-it
|
ultimate_uploader
|
Unrestricted file upload vulnerability in Element-IT Ultimate Uploader 1.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a …
|
NVD-CWE-Other
|
CVE-2009-4817
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345714
|
- |
|
element-it
|
ultimate_uploader
|
Per: http://cwe.mitre.org/data/definitions/434.html
'CWE-434: Unrestricted Upload of File with Dangerous Type'
|
NVD-CWE-Other
|
CVE-2009-4817
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345715
|
- |
|
phpsimplicity
|
simplicity_of_upload
|
Unrestricted file upload vulnerability in upload.php in PHPSimplicity Simplicity oF Upload 1.3.2 allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, as …
|
NVD-CWE-Other
|
CVE-2009-4818
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345716
|
- |
|
phpsimplicity
|
simplicity_of_upload
|
Per: http://cwe.mitre.org/data/definitions/434.html
'CWE-434: Unrestricted Upload of File with Dangerous Type'
|
NVD-CWE-Other
|
CVE-2009-4818
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345717
|
- |
|
stoverud
|
phphotoalbum
|
Multiple unrestricted file upload vulnerabilities in upload.php in PHPhotoalbum allow remote attackers to execute arbitrary code by uploading a file with a (1) .php.pgif or (2) .php.pjpeg double exte…
|
NVD-CWE-Other
|
CVE-2009-4819
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345718
|
- |
|
stoverud
|
phphotoalbum
|
Per: http://cwe.mitre.org/data/definitions/434.html
'CWE-434: Unrestricted Upload of File with Dangerous Type'
|
NVD-CWE-Other
|
CVE-2009-4819
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345719
|
- |
|
aspindir
|
angelo-emlak
|
Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4820
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345720
|
- |
|
kasseler-cms
|
kasseler_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kasseler CMS 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) do, (2) id, and (3) uname parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4822
|
2017-08-17 10:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
