|
345611
|
- |
|
awingsoft
|
awakening_winds3d_viewer_plugin
|
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4850
|
2017-08-17 10:31 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345612
|
- |
|
jumpbox
|
jumpbox
|
Multiple cross-site scripting (XSS) vulnerabilities in JumpBox before 1.1.2 for Foswiki Wiki System allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4853
|
2017-08-17 10:31 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345613
|
- |
|
ecomstudio
|
php_easy_shopping_cart
|
Cross-site scripting (XSS) vulnerability in subitems.php in PHP Easy Shopping Cart 3.1R allows remote attackers to inject arbitrary web script or HTML via the name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4856
|
2017-08-17 10:31 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345614
|
- |
|
ecomstudio
|
php_photo_vote1.3f
|
Cross-site scripting (XSS) vulnerability in login.php in PHP Photo Vote 1.3F allows remote attackers to inject arbitrary web script or HTML via the page parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4857
|
2017-08-17 10:31 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345615
|
- |
|
i-escorts
|
i-escorts_agency_script
i-escorts_directory_script
|
Multiple cross-site scripting (XSS) vulnerabilities in escorts_search.php in I-Escorts Directory Script and Agency Script allow remote attackers to inject arbitrary web script or HTML via the (1) sea…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4864
|
2017-08-17 10:31 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345616
|
- |
|
i-escorts
|
i-escorts_agency_script
i-escorts_directory_script
|
Multiple SQL injection vulnerabilities in escorts_search.php in I-Escorts Directory Script and Agency Script, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL comman…
|
CWE-89
SQL Injection
|
CVE-2009-4865
|
2017-08-17 10:31 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345617
|
- |
|
matt_wright
|
simple_search
|
Cross-site scripting (XSS) vulnerability in search.cgi in Matt's Script Archive (MSA) Simple Search 1.0 allows remote attackers to inject arbitrary web script or HTML via the terms parameter. NOTE: …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4866
|
2017-08-17 10:31 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345618
|
- |
|
frederico_caldeira_knabben
|
fckeditor.java
|
FCKeditor.Java 2.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed request parameter that contains "ctrl" characters.
|
CWE-399
Resource Management Errors
|
CVE-2009-4875
|
2017-08-17 10:31 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345619
|
- |
|
plainblack
|
webgui
|
Multiple cross-site request forgery (CSRF) vulnerabilities in WebGUI before 7.7.14 allow remote attackers to hijack the authentication of users for unspecified requests via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2009-4877
|
2017-08-17 10:31 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345620
|
- |
|
novell
|
access_manager
|
Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-4878
|
2017-08-17 10:31 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
