Show filters
110 Total Results
Displaying 71-80 of 110
Sort by:
Attacker Value
Unknown

CVE-2009-1750

Disclosure Date: May 22, 2009 (last updated October 04, 2023)
Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2009-1734

Disclosure Date: May 20, 2009 (last updated October 04, 2023)
SQL injection vulnerability in listing_video.php in VidSharePro allows remote attackers to execute arbitrary SQL commands via the catid parameter.
0
0
Attacker Value
Unknown

CVE-2009-1735

Disclosure Date: May 20, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in search.php in VidSharePro allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. NOTE: some of these details are obtained from third party information.
0
0
Attacker Value
Unknown

CVE-2009-0430

Disclosure Date: February 05, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter to tellafriend.asp.
0
0
Attacker Value
Unknown

CVE-2009-0429

Disclosure Date: February 05, 2009 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to search.asp, (2) SortDir parameter to auctionsended.asp, and the (3) catid parameter to wishlist.php.
0
0
Attacker Value
Unknown

CVE-2008-5640

Disclosure Date: December 17, 2008 (last updated October 04, 2023)
SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
0
0
Attacker Value
Unknown

CVE-2008-4965

Disclosure Date: November 06, 2008 (last updated October 04, 2023)
liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files.
0
0
Attacker Value
Unknown

CVE-2008-4872

Disclosure Date: November 01, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in bidhistory.php in iTechBids Gold 5.0 allows remote attackers to inject arbitrary web script or HTML via the item_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
0
0
Attacker Value
Unknown

CVE-2008-4175

Disclosure Date: September 23, 2008 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.
0
0
Attacker Value
Unknown

CVE-2008-3237

Disclosure Date: July 21, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter.
0
0
View More Topics  < Previous  Next >