|
348021
|
- |
|
phppower
|
swinger_club_portal
|
PHP remote file inclusion vulnerability in anzeiger/start.php in Swinger Club Portal allows remote attackers to execute arbitrary PHP code via a URL in the go parameter.
|
CWE-94
Code Injection
|
CVE-2009-4752
|
2017-08-17 10:31 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348022
|
- |
|
phpmyvisites
|
phpmyvisites
|
Unspecified vulnerability in the ClickHeat plugin, as used in phpMyVisites before 2.4, has unknown impact and attack vectors. NOTE: due to lack of details from the vendor, it is not clear whether th…
|
NVD-CWE-noinfo
|
CVE-2009-4763
|
2017-08-17 10:31 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348023
|
- |
|
plohni
|
shoutbox
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Plohni Shoutbox 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) input_name and (2) input_text paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4767
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348024
|
- |
|
blizzard
|
warcraft_3_the_frozen_throne
|
Unspecified vulnerability in the JASS script interpreter in Warcraft III: The Frozen Throne 1.24b and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted custom map.…
|
CWE-94
Code Injection
|
CVE-2009-4768
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348025
|
- |
|
ubercart
|
ubercart
|
The PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal does not properly validate orders, which allows remote attackers to trig…
|
CWE-20
Improper Input Validation
|
CVE-2009-4771
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348026
|
- |
|
ubercart
|
ubercart
|
Unspecified vulnerability in the PayPal Website Payments Standard functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal, when a custom checkout completion message …
|
NVD-CWE-noinfo
|
CVE-2009-4772
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348027
|
- |
|
ubercart
|
ubercart
|
Cross-site request forgery (CSRF) vulnerability in the order-management functionality in the Ubercart module 5.x before 5.x-1.9 and 6.x before 6.x-2.1 for Drupal allows remote attackers to hijack the…
|
CWE-352
Origin Validation Error
|
CVE-2009-4773
|
2017-08-17 10:31 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348028
|
- |
|
robert_garrigos
|
nukehall
|
Multiple PHP remote file inclusion vulnerabilities in NukeHall 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter to (1) blocks.php, (2) message…
|
CWE-94
Code Injection
|
CVE-2009-4779
|
2017-08-17 10:31 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348029
|
- |
|
hitachi
|
jp1_integrated_management_service_support
jp1\/automatic_job_management_system_2-view
job_management_partner_1\/automatic_job_management_system_2-view
job_management_partner_1\/integrated_ma…
|
Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to …
|
NVD-CWE-noinfo
|
CVE-2009-4777
|
2017-08-17 10:31 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348030
|
- |
|
xlightftpd
|
xlight_ftp_server
|
Multiple SQL injection vulnerabilities in Xlight FTP Server before 3.2.1, when ODBC authentication is enabled, allow remote attackers to execute arbitrary SQL commands via the (1) USER (aka username)…
|
CWE-89
SQL Injection
|
CVE-2009-4795
|
2017-08-17 10:31 |
2010-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
