|
306101
|
- |
|
kelvin_mo
|
simpleid
|
Cross-site scripting (XSS) vulnerability in index.php (aka the log in page) in SimpleID before 0.6.5 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4972
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306102
|
- |
|
vincent_tietz
|
vjchat
|
SQL injection vulnerability in the AJAX Chat (vjchat) extension before 0.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4971
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306103
|
- |
|
typo3-macher
|
t3m_affiliate
|
SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4970
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306104
|
- |
|
typo3
|
sbanner
|
SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4969
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306105
|
- |
|
christian_ehmann
|
event_registr
|
SQL injection vulnerability in the Event Registration (event_registr) extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4968
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306106
|
- |
|
jochen_rieger
|
car
|
SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4967
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306107
|
- |
|
elemente
|
ast_addresszipsearch
|
SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4966
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306108
|
- |
|
thomas_waggershauser
|
air_lexicon
|
SQL injection vulnerability in the AIRware Lexicon (air_lexicon) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4965
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306109
|
- |
|
ksplayer
|
ksp_sound_player
|
Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers to execute arbitrary code via a long string in a .M3U playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4964
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306110
|
- |
|
typo3
|
commerce_extension
|
Cross-site scripting (XSS) vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4963
|
2024-11-21 10:10 |
2010-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
