Max CVSS 7.5 Min CVSS 4.3 Total Count14
IDCVSSSummaryLast (major) updatePublished
CVE-2009-3002 4.9
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to th
13-07-2013 - 02:36 28-08-2009 - 11:30
CVE-2009-4614 7.5
Multiple PHP remote file inclusion vulnerabilities in Moa Gallery 1.2.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the MOA_PATH parameter to (1) _error_funcs.php, (2) _integrity_funcs.php, (3) _template_component_ad
29-04-2011 - 00:00 18-01-2010 - 15:30
CVE-2009-4627 5.0
Directory traversal vulnerability in sources/_template_parser.php in Moa Gallery 1.2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the p_filename parameter, a different issue than CVE-2009-4614.
28-04-2011 - 00:00 18-01-2010 - 15:30
CVE-2009-4974 7.5
Directory traversal vulnerability in box_display.php in TotalCalendar 2.4 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the box parameter.
28-07-2010 - 00:00 28-07-2010 - 10:43
CVE-2009-4973 7.5
SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action.
28-07-2010 - 00:00 28-07-2010 - 10:43
CVE-2009-3196 4.3
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter.
16-09-2009 - 00:00 15-09-2009 - 17:30
CVE-2009-3195 4.3
Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2) search.php.
16-09-2009 - 00:00 15-09-2009 - 17:30
CVE-2009-3194 4.3
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
16-09-2009 - 00:00 15-09-2009 - 17:30
CVE-2009-3191 4.3
Multiple cross-site scripting (XSS) vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to inject arbitrary web script or HTML via the cat parameter to (1) rss.php and (2) opml.php.
16-09-2009 - 00:00 15-09-2009 - 17:30
CVE-2009-3190 7.5
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to list.php and (2) cat parameter to rss.php.
16-09-2009 - 00:00 15-09-2009 - 17:30
CVE-2009-3189 4.3
Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.
16-09-2009 - 00:00 15-09-2009 - 17:30
CVE-2009-3188 7.5
PHP remote file inclusion vulnerability in save.php in phpSANE 0.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the file_save parameter.
16-09-2009 - 00:00 15-09-2009 - 17:30
CVE-2009-3186 4.3
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to profile.php, and (3) p parameter to view.php.
16-09-2009 - 00:00 15-09-2009 - 17:30
CVE-2009-3185 7.5
SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action.
16-09-2009 - 00:00 15-09-2009 - 17:30
Back to Top Mark selected
Back to Top