Show filters
25 Total Results
Displaying 21-25 of 25
Sort by:
Attacker Value
Unknown
CVE-2009-1820
Disclosure Date: May 29, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to inject arbitrary web script or HTML via the id parameter.
0
Attacker Value
Unknown
CVE-2009-1819
Disclosure Date: May 29, 2009 (last updated October 04, 2023)
SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
Attacker Value
Unknown
CVE-2009-1767
Disclosure Date: May 22, 2009 (last updated October 04, 2023)
admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote attackers to modify arbitrary accounts via the (1) loginname, (2) password, (3) email, (4) firstname, or (5) lastname parameter.
0
Attacker Value
Unknown
CVE-2009-1652
Disclosure Date: May 16, 2009 (last updated October 04, 2023)
admin/adminaddeditdetails.php in Business Community Script does not properly restrict access, which allows remote attackers to gain privileges and add administrators via a direct request.
0
Attacker Value
Unknown
CVE-2009-1651
Disclosure Date: May 16, 2009 (last updated October 04, 2023)
SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter.
0
