|
297551
|
- |
|
zope
|
zodb
|
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code…
|
NVD-CWE-noinfo
CWE-94
Code Injection
|
CVE-2009-0668
|
2017-08-17 10:29 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297552
|
- |
|
zope
|
zodb
|
Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO networ…
|
CWE-287
Improper Authentication
|
CVE-2009-0669
|
2017-08-17 10:29 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297553
|
- |
|
ravenphpscripts
|
ravennuke
|
Cross-site scripting (XSS) vulnerability in the Your Account module in RavenNuke 2.30 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-0679
|
2017-08-17 10:29 |
2009-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297554
|
- |
|
plunet
|
business_manager
|
Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet BusinessManager 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0699
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297555
|
- |
|
plunet
|
business_manager
|
Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictions and (1) read sensitive Customer or Order data via a modified Pfad parameter to pagesUTF8/Sys_Dir…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0700
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297556
|
- |
|
simple-review
|
com_simple_review
|
SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to inde…
|
CWE-89
SQL Injection
|
CVE-2009-0706
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297557
|
- |
|
vlad_alexa_mancini
|
phpfootball
|
SQL injection vulnerability in login.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: the provenance of this information is unknown; the…
|
CWE-89
SQL Injection
|
CVE-2009-0709
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297558
|
- |
|
vlad_alexa_mancini
|
phpfootball
|
Multiple cross-site scripting (XSS) vulnerabilities in PHPFootball 1.6 allow remote attackers to inject arbitrary web script or HTML via (1) the user parameter to login.php or (2) the dbfield paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0710
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297559
|
- |
|
lingx
|
page_engine_cms
|
Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix …
|
CWE-22
Path Traversal
|
CVE-2009-0729
|
2017-08-17 10:29 |
2009-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297560
|
- |
|
mozilo
|
mozilocms
|
Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to download.php and the (2) pa…
|
CWE-22
Path Traversal
|
CVE-2008-6126
|
2017-08-17 10:29 |
2009-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
