|
303241
|
- |
|
christian_ehmann
|
event_registr
|
SQL injection vulnerability in the Event Registration (event_registr) extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4968
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303242
|
- |
|
jochen_rieger
|
car
|
SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4967
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303243
|
- |
|
elemente
|
ast_addresszipsearch
|
SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4966
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303244
|
- |
|
thomas_waggershauser
|
air_lexicon
|
SQL injection vulnerability in the AIRware Lexicon (air_lexicon) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4965
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303245
|
- |
|
ksplayer
|
ksp_sound_player
|
Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers to execute arbitrary code via a long string in a .M3U playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4964
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303246
|
- |
|
typo3
|
commerce_extension
|
Cross-site scripting (XSS) vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4963
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303247
|
- |
|
adammo
|
fat_player
|
Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party informati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4962
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303248
|
- |
|
lanai-core
|
lanai-core
|
Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2009-4961
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303249
|
- |
|
lanai-core
|
lanai-core
|
Directory traversal vulnerability in modules/backup/download.php in Lanai Core 0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4960
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303250
|
- |
|
stefan_koch
|
t3m
|
SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) extension 0.2.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4959
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
