PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter. Date published : 2009-09-24 http://www.exploit-db.com/exploits/9656
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command. Date published : 2009-09-24 http://www.securityfocus.com/bid/36327 http://www.exploit-db.com/exploits/9613
Cross-site scripting (XSS) vulnerability in the BUEditor module 5.x before 5.x-1.2 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the "plain...
PHP remote file inclusion vulnerability in printnews.php3 in SZNews 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter. Date published : 2009-09-24 http://packetstormsecurity.org/0909-exploits/sznews-rfi.txt http://osvdb.org/57986
SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter. Date published : 2009-09-24 http://www.exploit-db.com/exploits/9647
Multiple cross-site scripting (XSS) vulnerabilities in Datemill 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) return parameter to photo_view.php, and st parameter to (2) photo_search.php and (3) search.php....
Multiple cross-site scripting (XSS) vulnerabilities in Match Agency BiZ 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) important parameter to edit_profile.php and (2) pid parameter to report.php. Date...
SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter. Date published : 2009-09-24 http://www.exploit-db.com/exploits/9634 https://exchange.xforce.ibmcloud.com/vulnerabilities/53134
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) h_id, (2) id, and (3) rid...
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter. Date published : 2009-09-24 http://www.exploit-db.com/exploits/9639 http://secunia.com/advisories/36705
Cross-site scripting (XSS) vulnerability in profile.php in Datetopia Buy Dating Site 1.0 allows remote attackers to inject arbitrary web script or HTML via the s_r parameter. Date published : 2009-09-24 http://packetstormsecurity.org/0909-exploits/buydatingsite-xss.txt http://osvdb.org/57967
Multiple unspecified vulnerabilities in the Rest API module for Drupal have unknown impact and attack vectors. Date published : 2009-09-24 http://www.securityfocus.com/bid/36331 http://drupal.org/node/572852
Multiple unspecified vulnerabilities in the Node2Node module for Drupal have unknown impact and attack vectors. Date published : 2009-09-24 http://www.securityfocus.com/bid/36323 http://drupal.org/node/572852
Multiple unspecified vulnerabilities in the quota_by_role (Quota by role) module for Drupal have unknown impact and attack vectors. Date published : 2009-09-24 http://www.securityfocus.com/bid/36330 http://drupal.org/node/572852