|
292481
|
- |
|
katywhitton
|
blogit\!
|
SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action.
|
CWE-89
SQL Injection
|
CVE-2009-0334
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292482
|
- |
|
katywhitton
|
blogit\!
|
Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-0335
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292483
|
- |
|
katywhitton
|
blogit\!
|
Katy Whitton BlogIt! stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a di…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0336
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292484
|
- |
|
katywhitton
|
blogit\!
|
SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. NOTE: the provenance of this inf…
|
CWE-89
SQL Injection
|
CVE-2009-0337
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292485
|
- |
|
quirm
|
simple_php_newsletter
|
Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php.
|
CWE-22
Path Traversal
|
CVE-2009-0340
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292486
|
- |
|
sun
|
opensolaris
solaris
|
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (…
|
NVD-CWE-noinfo
CWE-310
Cryptographic Issues
|
CVE-2009-0346
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292487
|
- |
|
ftpshell
|
ftpshell_server
|
Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote attackers to cause a denial of service (persistent daemon crash) and possibly execute arbitrary code via a long string i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0349
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292488
|
- |
|
merak
|
media_player
|
Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: som…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0350
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292489
|
- |
|
wftpserver
|
winftp_ftp_server
|
Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows remote authenticated users to execute arbitrary code via a long LIST argument beginning with an * (asterisk) character.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0351
|
2017-09-29 10:33 |
2009-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292490
|
- |
|
mozilla
|
firefox
seamonkey
thunderbird
|
Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and app…
|
NVD-CWE-noinfo
CWE-399
Resource Management Errors
|
CVE-2009-0353
|
2017-09-29 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
