|
312401
|
- |
|
hp
|
palm_pre_webos
|
The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long s…
|
CWE-399
Resource Management Errors
|
CVE-2009-5098
|
2024-11-21 10:11 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312402
|
- |
|
hp
|
palm_pre_webos
|
Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, which allows remote attackers to execute arbitrary JavaScript, as demonstrated by reading PalmDatabase.db3.
|
CWE-94
Code Injection
|
CVE-2009-5097
|
2024-11-21 10:11 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312403
|
- |
|
khalid_baheyeldin
|
flag_content
|
Cross-site scripting (XSS) vulnerability in the Flag Content module 5.x-2.x before 5.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via the Reason parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-5096
|
2024-11-21 10:11 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312404
|
- |
|
ea-style
|
gbook
|
PHP remote file inclusion vulnerability in index_inc.php in ea gBook 0.1 and 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the inc_ordner parameter.
|
CWE-94
Code Injection
|
CVE-2009-5095
|
2024-11-21 10:11 |
2011-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312405
|
- |
|
cmsfaethon
|
cms_faethon
|
SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter.
|
CWE-89
SQL Injection
|
CVE-2009-5094
|
2024-11-21 10:11 |
2011-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312406
|
- |
|
php4scripte
|
gastebuch
|
Directory traversal vulnerability in gastbuch.php in Gästebuch (Gastebuch) 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the start parameter.
|
CWE-22
Path Traversal
|
CVE-2009-5093
|
2024-11-21 10:11 |
2011-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312407
|
- |
|
microsoft
|
fast_esp
|
Cross-site scripting (XSS) vulnerability in the management interface in Microsoft FAST ESP 5.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-5092
|
2024-11-21 10:11 |
2011-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312408
|
- |
|
vlinks
|
vlinks
|
SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-5091
|
2024-11-21 10:11 |
2011-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312409
|
- |
|
daman371
|
bloggeruniverse
|
SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possib…
|
CWE-89
SQL Injection
|
CVE-2009-5090
|
2024-11-21 10:11 |
2011-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312410
|
- |
|
ideacart
|
ideacart
|
Directory traversal vulnerability in index.php in IdeaCart 0.02 and 0.02a allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
|
CWE-22
Path Traversal
|
CVE-2009-5089
|
2024-11-21 10:11 |
2011-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
