Search Results (362808 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-3334 2 Joomla, Lhacky 2 Joomla\!, Com Jinc 2026-04-23 N/A
SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component (aka JINC or com_jinc) component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php.
CVE-2009-3335 2 Joomla, Turtus 2 Joomla\!, Turtushout 2026-04-23 N/A
SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field.
CVE-2009-3348 1 Datavore 1 Gyro 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Datavore Gyro 5.0 allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a cat action to the home component.
CVE-2009-3349 1 Datavore 1 Gyro 2026-04-23 N/A
SQL injection vulnerability in Datavore Gyro 5.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a cat action to the home component.
CVE-2009-3350 2 Drupal, Roshan Shah 2 Drupal, Subdomain Manager 2026-04-23 N/A
Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors.
CVE-2009-3351 2 Drupal, Kristy Frey 2 Drupal, Node Browser Module 2026-04-23 N/A
Multiple unspecified vulnerabilities in the Node Browser module for Drupal have unknown impact and attack vectors.
CVE-2009-3354 2 Andrew Sterling Hanenkamp, Drupal 2 Rest Api Module, Drupal 2026-04-23 N/A
Multiple unspecified vulnerabilities in the Rest API module for Drupal have unknown impact and attack vectors.
CVE-2009-3355 1 Datetopia 1 Buy Dating Site 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in profile.php in Datetopia Buy Dating Site 1.0 allows remote attackers to inject arbitrary web script or HTML via the s_r parameter.
CVE-2009-3356 1 Plohni 1 Image Voting 2026-04-23 N/A
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter.
CVE-2009-3358 1 Tourismscripts 1 Adult Portal Escort Listing 2026-04-23 N/A
SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
CVE-2009-3359 1 Datetopia 1 Match Agency Biz 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Match Agency BiZ 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) important parameter to edit_profile.php and (2) pid parameter to report.php.
CVE-2009-3360 1 Datemill 1 Datemill 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Datemill 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) return parameter to photo_view.php, and st parameter to (2) photo_search.php and (3) search.php.
CVE-2009-3361 1 Paul Gibbs 1 Php-ipnmonitor 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter.
CVE-2009-3363 2 Drupal, Ufku Bayburt 2 Drupal, Bueditor 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the BUEditor module 5.x before 5.x-1.2 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the "plain textarea editor."
CVE-2009-3364 1 Ftpshell 1 Ftpshell 2026-04-23 N/A
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
CVE-2009-3365 1 Traza 1 Aurora 2026-04-23 N/A
PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.
CVE-2009-3366 1 Plohni 1 An Image Gallery 2026-04-23 N/A
Directory traversal vulnerability in navigation.php in An image gallery 1.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the path parameter.
CVE-2009-3368 2 Joomla, Joomlahbs 2 Joomla\!, Com Hbssearch 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the adult parameter in a showhoteldetails action to index.php.
CVE-2009-3371 1 Mozilla 1 Firefox 2026-04-23 N/A
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.
CVE-2009-3373 2 Mozilla, Redhat 3 Firefox, Seamonkey, Enterprise Linux 2026-04-23 N/A
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.