|
303261
|
- |
|
joachim_ruhs
|
locator
|
Cross-site scripting (XSS) vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4948
|
2024-11-21 10:10 |
2010-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303262
|
- |
|
q2solutions
|
connx
|
SQL injection vulnerability in frmLoginPwdReminderPopup.aspx in Q2 Solutions ConnX 4.0.20080606 allows remote attackers to execute arbitrary SQL commands via the txtEmail parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4947
|
2024-11-21 10:10 |
2010-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303263
|
- |
|
thetricky
|
com_messaging
|
Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequ…
|
CWE-22
Path Traversal
|
CVE-2009-4946
|
2024-11-21 10:10 |
2010-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303264
|
- |
|
atutor
|
acollab
|
AdPeeps 8.5d1 has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via requests to index.php.
|
CWE-255
Credentials Management
|
CVE-2009-4945
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303265
|
- |
|
atutor
|
acollab
|
Multiple cross-site scripting (XSS) vulnerabilities in ATRC ACollab 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) address parameter to profile.php or the (2) descripti…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4944
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303266
|
- |
|
impactsoftcompany
|
adpeeps
|
index.php in AdPeeps 8.5d1 allows remote attackers to obtain sensitive information via (1) a view_adrates action with an invalid uid parameter, which reveals the installation path in an error message…
|
CWE-200
Information Exposure
|
CVE-2009-4943
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303267
|
- |
|
atutor
|
acollab
|
Cross-site request forgery (CSRF) vulnerability in ACollab 1.2 allows remote attackers to hijack the authentication of arbitrary users for requests that add personal agenda items.
|
CWE-352
Origin Validation Error
|
CVE-2009-4942
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303268
|
- |
|
atutor
|
acollab
|
Cross-site scripting (XSS) vulnerability in sign_in.php in ATRC ACollab 1.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4941
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303269
|
- |
|
zeuscart
|
zeuscart
|
SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action.
|
CWE-89
SQL Injection
|
CVE-2009-4940
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303270
|
- |
|
impactsoftcompany
|
adpeeps
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdPeeps 8.5d1 allow remote attackers to inject arbitrary web script or HTML via the (1) uid parameter, (2) uid parameter in a login…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4939
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
