CVE-2009-1481

SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the cname parameter in a checkAlias action, as exploited in the wild in April 2009. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Publication date: Wed, 29 Apr 2009 23:30:00 +0000

Cyber News related to CVE-2009-1481

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

CVE-2024-36927 - In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in __ip_make_skb() KMSAN reported uninit-value access in __ip_make_skb() [1]. __ip_make_skb() tests HDRINCL to know if the skb has icmphdr. However, ...
5 months ago Tenable.com

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CVE-2009-1481 - SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the cname parameter in a checkAlias action, as exploited in the wild in April 2009. NOTE: the ...
7 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
54 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago

CVE-2019-1481 - An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka 'Windows Media Player Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1480. ...
4 years ago

CVE-2019-1480 - An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka 'Windows Media Player Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1481. ...
4 years ago

CVE-2005-2629 - Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, ...
11 months ago

CVE-2004-1481 - Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field ...
3 years ago

CVE-2002-1481 - savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php. ...
16 years ago

CVE-2001-1481 - Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges. ...
9 months ago

CVE-2005-1481 - Multiple SQL injection vulnerabilities in Aaron Outpost ASP Inline Corporate Calendar allow remote attackers to execute arbitrary SQL commands via the Event_ID parameter to (1) defer.asp or (2) details.asp. ...
7 years ago

CVE-2003-1481 - CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the ...
7 years ago

CVE-2016-1481 - A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.Affected Products: ...
7 years ago

CVE-2008-1481 - Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the board parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from ...
7 years ago

CVE-1999-1481 - Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair. ...
7 years ago

CVE-2007-1481 - SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL commands via the e_id parameter in a viewentry cmd. ...
7 years ago

CVE-2006-1481 - SQL injection vulnerability in search.php in PHP Ticket 0.71 allows remote authenticated users to execute arbitrary SQL commands and obtain usernames and passwords via the frm_search_in parameter. ...
7 years ago

CVE-2017-1481 - IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. IBM X-Force ID: 128619. ...
6 years ago

CVE-2012-1481 - Unspecified vulnerability in the Textdroid (com.app.android.textdroid) application 2.5.2 for Android has unknown impact and attack vectors. ...
6 years ago

CVE-2011-1481 - Multiple cross-site scripting (XSS) vulnerabilities in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) sender_name or (2) sender_email parameter in a Feedback action to modules.php. ...
6 years ago

CVE-2015-1481 - Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account. ...
6 years ago

CVE-2010-1481 - Cross-site scripting (XSS) vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute. ...
6 years ago

CVE-2018-1481 - IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser ...
5 years ago

Latest Cyber News

CVE-2024-11586 - 21 hours ago
CVE-2024-50054 - 1 day ago
CVE-2024-47138 - 1 day ago
CVE-2024-52034 - 1 day ago
CVE-2024-47407 - 1 day ago
CVE-2024-0138 - 1 day ago
CVE-2024-9113 - 1 day ago
CVE-2024-9112 - 1 day ago
CVE-2024-7565 - 1 day ago
CVE-2024-7511 - 1 day ago
CVE-2024-7510 - 1 day ago
CVE-2024-7352 - 1 day ago
CVE-2024-7253 - 1 day ago
CVE-2024-7245 - 1 day ago
CVE-2024-6871 - 1 day ago
CVE-2024-11394 - 1 day ago
CVE-2024-11393 - 1 day ago
CVE-2024-11392 - 1 day ago
CVE-2024-6822 - 1 day ago
CVE-2024-6821 - 1 day ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-52440 - 3 days ago
CVE-2024-52441 - 3 days ago
CVE-2024-52447 - 3 days ago
CVE-2024-11484 - 3 days ago
CVE-2024-11489 - 3 days ago
CVE-2018-9471 - 3 days ago
CVE-2018-9479 - 3 days ago
CVE-2018-9480 - 3 days ago
CVE-2018-9482 - 3 days ago
CVE-2018-9486 - 3 days ago
CVE-2024-33439 - 3 days ago
CVE-2024-48534 - 3 days ago
CVE-2024-48982 - 3 days ago
CVE-2024-49203 - 3 days ago
CVE-2024-52677 - 3 days ago
CVE-2024-52701 - 3 days ago
CVE-2024-9875 - 3 days ago
CVE-2024-11233 - 2 days ago
CVE-2024-11234 - 2 days ago
CVE-2024-11236 - 2 days ago