|
292311
|
- |
|
simplecustomer
|
simple_customer
|
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote attackers to change the admin e-mail address and password via the email and password parameters.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1637
|
2017-09-29 10:34 |
2009-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292312
|
- |
|
t-dreams
|
job_career_package
|
Techno Dreams Job Career Package 3.0 allows remote attackers to bypass authentication and obtain administrative access by setting the JobCareerAdmin cookie to Login.
|
CWE-287
Improper Authentication
|
CVE-2009-1638
|
2017-09-29 10:34 |
2009-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292313
|
- |
|
mini-stream
|
ripper
|
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1641
|
2017-09-29 10:34 |
2009-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292314
|
- |
|
sorinara
|
soritong_mp3_player
|
Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1643
|
2017-09-29 10:34 |
2009-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292315
|
- |
|
sorinara
|
streaming_audio_player
|
Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execute arbitrary code via a crafted .pla file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1644
|
2017-09-29 10:34 |
2009-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292316
|
- |
|
mini-stream
|
easy_rm-mp3_converter
|
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1645
|
2017-09-29 10:34 |
2009-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292317
|
- |
|
mini-stream
|
mini-stream_rm_downloader
|
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long rtsp URL in a .ram file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1646
|
2017-09-29 10:34 |
2009-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292318
|
- |
|
ultrafunk
|
popcorn
|
Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 allows remote POP3 servers to cause a denial of service (application crash) via a long string in a +OK response. NOTE: some of the…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1647
|
2017-09-29 10:34 |
2009-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292319
|
- |
|
bicluc
|
belive
|
Directory traversal vulnerability in arch.php in beLive 0.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the arch parameter.
|
CWE-22
Path Traversal
|
CVE-2009-1649
|
2017-09-29 10:34 |
2009-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292320
|
- |
|
tenfourzero
|
shutter
|
Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) albumID, (2) tagID, and (3) photoID parameters to index.html.
|
CWE-89
SQL Injection
|
CVE-2009-1650
|
2017-09-29 10:34 |
2009-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
