Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2009-09-04 CVE-2008-7164 Unspecified vulnerability in Ryo-Oh-Ki Shareaza 2.0.0.0/2.2.0.0/2.2.1.0
Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have unknown impact and attack vectors related to "very important security fixes," possibly involving update notifications and a domain that is no longer controlled by the vendor.
network | low complexity | ryo-oh-ki | critical | 10.0

2009-09-04 CVE-2008-7163 Path Traversal vulnerability in Sinecms
Directory traversal vulnerability in mods/Integrated/index.php in SineCMS 2.3.5 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the sine[config][index_main] parameter.
network | sinecms CWE-22 | 6.8

2009-09-04 CVE-2008-7162 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Heroshare Hero Super Player 3000
Buffer overflow in Hero Super Player 3000 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in a .M3U file.
network | heroshare CWE-119 | critical | 9.3

2009-09-04 CVE-2008-7161 Permissions, Privileges, and Access Controls vulnerability in Fortinet Fortigate-1000 3.00
Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header.
network | low complexity | fortinet CWE-264 | 7.5

2009-09-03 CVE-2009-3067 Cross-Site Scripting vulnerability in Webformatique Reservation Manager
Cross-site scripting (XSS) vulnerability in index.php in Reservation Manager allows remote attackers to inject arbitrary web script or HTML via the resman_startdate parameter.
4.3

2009-09-03 CVE-2009-3066 Cross-Site Scripting vulnerability in Propertywatchscript Property Watch 2.0
Multiple cross-site scripting (XSS) vulnerabilities in PropertyWatchScript.com Property Watch 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) videoid parameter to tools/email.php and (2) redirect parameter to tools/login.php.
4.3

2009-09-03 CVE-2009-3065 Code Injection vulnerability in Rein Velt Vedit 01.4
PHP remote file inclusion vulnerability in editor/edit_htmlarea.php in Ve-EDIT 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the highlighter parameter.
network | low complexity | rein-velt CWE-94 | 7.5

2009-09-03 CVE-2009-3064 Path Traversal vulnerability in Rein Velt Vedit 01.4
Directory traversal vulnerability in debugger/debug_php.php in Ve-EDIT 0.1.4 allows remote attackers to include and execute arbitrary local files via a ..
network | low complexity | rein-velt CWE-22 | 7.5

2009-09-03 CVE-2009-3063 SQL Injection vulnerability in Indianpulses COM Gameserver 1.0
SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.
network | low complexity | joomla indianpulses CWE-89 | 7.5

2009-09-03 CVE-2009-3062 SQL Injection vulnerability in PHPlivesupport. PHPlive! 3.3
SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter.
network | low complexity | phplivesupport CWE-89 | 7.5