|
306131
|
- |
|
atutor
|
acollab
|
Cross-site request forgery (CSRF) vulnerability in ACollab 1.2 allows remote attackers to hijack the authentication of arbitrary users for requests that add personal agenda items.
|
CWE-352
Origin Validation Error
|
CVE-2009-4942
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306132
|
- |
|
atutor
|
acollab
|
Cross-site scripting (XSS) vulnerability in sign_in.php in ATRC ACollab 1.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4941
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306133
|
- |
|
zeuscart
|
zeuscart
|
SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action.
|
CWE-89
SQL Injection
|
CVE-2009-4940
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306134
|
- |
|
impactsoftcompany
|
adpeeps
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdPeeps 8.5d1 allow remote attackers to inject arbitrary web script or HTML via the (1) uid parameter, (2) uid parameter in a login…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4939
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306135
|
- |
|
warphd
|
com_jvideo
|
SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user acti…
|
CWE-89
SQL Injection
|
CVE-2009-4938
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306136
|
- |
|
spirate
|
small_pirate
|
Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 allows remote attackers to inject arbitrary web script or HTML via an onmouseover action in an img BBCode tag within a url BBCod…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4937
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306137
|
- |
|
spirate
|
small_pirate
|
Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the…
|
CWE-89
SQL Injection
|
CVE-2009-4936
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306138
|
- |
|
artifex
|
gpl_ghostscript
afpl_ghostscript
ghostscript_fonts
|
Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document contain…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4897
|
2024-11-21 10:10 |
2010-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306139
|
- |
|
esoftpro
|
online_guestbook_pro
|
SQL injection vulnerability in ogp_show.php in Online Guestbook Pro allows remote attackers to execute arbitrary SQL commands via the display parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4935
|
2024-11-21 10:10 |
2010-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306140
|
- |
|
esoftpro
|
online_photo_pro
|
Cross-site scripting (XSS) vulnerability in index.php in Online Photo Pro 2.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4934
|
2024-11-21 10:10 |
2010-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
