|
292491
|
- |
|
campware.org
|
campsite
|
Directory traversal vulnerability in admin-files/ad.php in Campsite 3.3.0 RC1 allows remote attackers to read and possibly execute arbitrary local files via a .. (dot dot) in the GLOBALS[g_campsiteDi…
|
CWE-22
Path Traversal
|
CVE-2009-2183
|
2017-09-29 10:34 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292492
|
- |
|
gravy-media
|
media_photo_host
|
Absolute path traversal vulnerability in forcedownload.php in Gravy Media Photo Host 1.0.8 allows remote attackers to read arbitrary files via an encoded "/" (slash) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2184
|
2017-09-29 10:34 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292493
|
- |
|
rs-cms
|
rs-cms
|
SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the key parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2209
|
2017-09-29 10:34 |
2009-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292494
|
- |
|
alphaplug
|
com_alphauserpoints
|
SQL injection vulnerability in frontend/assets/ajax/checkusername.php in the AlphaUserPoints (com_alphauserpoints) component 1.5.2 for Joomla! allows remote attackers to execute arbitrary SQL command…
|
CWE-89
SQL Injection
|
CVE-2009-3342
|
2017-09-29 10:34 |
2009-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292495
|
- |
|
apple
|
quicktime
|
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0007
|
2017-09-29 10:33 |
2009-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292496
|
- |
|
apple
|
quicktime_mpeg-2_playback_component
|
Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code v…
|
CWE-20
Improper Input Validation
|
CVE-2009-0008
|
2017-09-29 10:33 |
2009-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292497
|
- |
|
apple
|
quicktime_mpeg-2_playback_component
|
per http://lists.apple.com/archives/security-announce//2009/Jan/msg00001.html
"This issue does not
affect systems running Mac OS X."
|
CWE-20
Improper Input Validation
|
CVE-2009-0008
|
2017-09-29 10:33 |
2009-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292498
|
- |
|
apple
|
safari
|
Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other…
|
CWE-189
Numeric Errors
|
CVE-2009-0070
|
2017-09-29 10:33 |
2009-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292499
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) r…
|
CWE-399
Resource Management Errors
|
CVE-2009-0071
|
2017-09-29 10:33 |
2009-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292500
|
- |
|
playsms
|
playsms
|
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.p…
|
CWE-94
Code Injection
|
CVE-2009-0103
|
2017-09-29 10:33 |
2009-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
