Export limit exceeded: 346183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346183 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0401 | 1 Ephpscripts | 1 E-php Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-0402 | 1 Gplhost | 1 Domain Technologie Control | 2026-04-23 | N/A |
| SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.29.16 allows remote attackers to execute arbitrary SQL commands via the (1) familyname, (2) christname, (3) company_name, (4) is_company, (5) email, (6) phone, (7) fax, (8) addr1, (9) addr2, (10) addr3, (11) zipcode, (12) city, (13) state, (14) country, and (15) vat_num parameters. | ||||
| CVE-2009-0404 | 1 Bioinformatics | 1 Htmlawed | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets (CSS) expressions in the style attribute, which is processed by Internet Explorer 7. | ||||
| CVE-2009-0405 | 1 Smartsitecms | 1 Smartsitecms | 2026-04-23 | N/A |
| SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the var parameter. | ||||
| CVE-2009-0406 | 1 Community Cms | 1 Community Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Community CMS 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0407 | 1 Humayun Shabbir | 1 Php-cms Project | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-0408 | 1 Oscommerce | 1 Oscommerce | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC 2a allows remote attackers to hijack the authentication of administrators. | ||||
| CVE-2009-0409 | 1 Mzbservices | 1 Max.blog | 2026-04-23 | N/A |
| SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-0414 | 1 Tor | 1 Tor | 2026-04-23 | N/A |
| Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption. | ||||
| CVE-2009-0415 | 1 Monkey | 1 Trickle | 2026-04-23 | N/A |
| Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD_PRELOAD path. | ||||
| CVE-2009-0416 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2026-04-23 | N/A |
| The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files. | ||||
| CVE-2009-0417 | 1 Agavi | 1 Agavi | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the AgaviWebRouting::gen(null) method in Agavi 0.11 before 0.11.6 and 1.0 before 1.0.0 beta 8 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with certain characters that are not properly handled by web browsers that do not strictly follow RFC 3986, such as Internet Explorer 6 and 7. | ||||
| CVE-2009-0418 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity), read private network traffic, and possibly execute arbitrary code via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476. | ||||
| CVE-2009-0421 | 1 Joomla | 2 Com Eventing, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2009-0423 | 1 Kevin Walker | 1 Php Photo Album | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the preview parameter. | ||||
| CVE-2009-0425 | 1 Blue Eye Cms | 1 Blue Eye Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the clanek parameter. | ||||
| CVE-2009-0426 | 1 Dmxready | 1 Classified Listings Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-0427 | 1 Dmxready | 1 Member Directory Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-0428 | 1 Dmxready | 1 Secure Document Library | 2026-04-23 | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-0430 | 1 Activewebsoftwares | 1 Active Bids | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter to tellafriend.asp. | ||||