|
306091
|
- |
|
keil-software
|
photokorn_gallery
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Photokorn Gallery 1.81 allow remote attackers to hijack the authentication of administrators.
|
CWE-352
Origin Validation Error
|
CVE-2009-4981
|
2024-11-21 10:10 |
2010-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306092
|
- |
|
keil-software
|
photokorn_gallery
|
Multiple cross-site scripting (XSS) vulnerabilities in Photokorn Gallery 1.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) where[] parameter to search.php and…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4980
|
2024-11-21 10:10 |
2010-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306093
|
- |
|
keil-software
|
photokorn_gallery
|
Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) where[], (2) sort, (3) order, and (4) M…
|
CWE-89
SQL Injection
|
CVE-2009-4979
|
2024-11-21 10:10 |
2010-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306094
|
- |
|
tufat
|
mybackup
|
Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4978
|
2024-11-21 10:10 |
2010-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306095
|
- |
|
tufat
|
mybackup
|
PHP remote file inclusion vulnerability in index.php in MyBackup 1.4.0 allows remote authenticated users to execute arbitrary PHP code via a URL in the main_content parameter.
|
CWE-94
Code Injection
|
CVE-2009-4977
|
2024-11-21 10:10 |
2010-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306096
|
- |
|
urs_wolfer
|
kwebkitpart
|
Cross-site scripting (XSS) vulnerability in webkitpart.cpp in kwebkitpart allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related t…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4976
|
2024-11-21 10:10 |
2010-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306097
|
- |
|
nokia
|
qtdemobrowser
|
Cross-site scripting (XSS) vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4975
|
2024-11-21 10:10 |
2010-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306098
|
- |
|
mlmmj
|
mlmmj
|
Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, cr…
|
CWE-22
Path Traversal
|
CVE-2009-4896
|
2024-11-21 10:10 |
2010-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306099
|
- |
|
sweetphp
|
totalcalendar
|
Directory traversal vulnerability in box_display.php in TotalCalendar 2.4 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the box para…
|
CWE-22
Path Traversal
|
CVE-2009-4974
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306100
|
- |
|
sweetphp
|
totalcalendar
|
SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action.
|
CWE-89
SQL Injection
|
CVE-2009-4973
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
