|
345201
|
- |
|
logoshows
|
logoshows_bbs
|
SQL injection vulnerability in globepersonnel_forum.asp in Logoshows BBS 2.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4871
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345202
|
- |
|
logoshows
|
logoshows_bbs
|
Multiple SQL injection vulnerabilities in globepersonnel_login.asp in Logoshows BBS 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
|
CWE-89
SQL Injection
|
CVE-2009-4872
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345203
|
- |
|
scripts.oldguy
|
talkback
|
TalkBack 2.3.14 does not properly restrict access to the edit comment feature (comments.php), which allows remote attackers to modify comments.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4874
|
2017-09-19 10:30 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345204
|
- |
|
netrix
|
netrix_cms
|
admin/cikkform.php in Netrix CMS 1.0 allows remote attackers to modify arbitrary pages via a direct request using the cid parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4876
|
2017-09-19 10:30 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345205
|
- |
|
todd_rogers
|
phprecipebook
|
SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action.
|
CWE-89
SQL Injection
|
CVE-2009-4883
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345206
|
- |
|
sbuilder
|
cms_s.builder
|
PHP remote file inclusion vulnerability in index.php in CMS S.Builder 3.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in a binn_incl…
|
CWE-94
Code Injection
|
CVE-2009-4887
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345207
|
- |
|
basti2web
|
book_panel
|
SQL injection vulnerability in books.php in the Book Panel (book_panel) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the bookid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4889
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345208
|
- |
|
cs-cart
|
cs-cart
|
SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a products.view action.
|
CWE-89
SQL Injection
|
CVE-2009-4891
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345209
|
- |
|
webjump
|
webjump\!
|
SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php.
|
CWE-89
SQL Injection
|
CVE-2009-4892
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345210
|
- |
|
vmware
|
esx_server
virtualcenter
|
Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors rel…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2277
|
2017-09-19 10:29 |
2010-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
