CVE-2009-1506

SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to banner-details.php.

Publication date: Fri, 01 May 2009 22:30:00 +0000

Cyber News related to CVE-2009-1506

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

CVE-2021-47178 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CVE-2009-0191 - Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file ...
6 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
54 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago

CVE-2009-1506 - SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to banner-details.php. ...
7 years ago

CVE-2009-0836 - Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have ...
6 years ago

CVE-2009-0837 - Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows remote attackers to execute arbitrary code via a long (1) relative path or (2) absolute path in the filename argument in an action, as demonstrated by ...
6 years ago

CVE-2011-1506 - The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and MailServer 6.x does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is ...
7 years ago

CVE-1999-1506 - Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin. ...
16 years ago

CVE-2002-1506 - Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated. ...
16 years ago

CVE-2006-1506 - Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine 5.3 before 20060327 and N1 Grid Engine 6.0 before 20060327 allows local users to gain root privileges. This vulnerability affects Sun Microsystems, Sun Grid Engine 5.3 before ...
13 years ago

CVE-2005-1506 - SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter. ...
8 years ago

CVE-2014-1506 - Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted ...
8 years ago

CVE-2001-1506 - Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct ...
7 years ago

CVE-2004-1506 - Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via (1) view_entry.php, (2) view_d.php, (3) usersel.php, (4) datesel.php, (5) trailer.php, or (6) styles.php, as demonstrated ...
7 years ago

CVE-2003-1506 - Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter. ...
7 years ago

CVE-2012-1506 - SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. ...
7 years ago

CVE-2010-1506 - The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors. ...
7 years ago

CVE-2008-1506 - PEEL, possibly 3.x and earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. ...
7 years ago

CVE-2017-1506 - IBM Cognos TM1 10.2 and 10.2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...
6 years ago

CVE-2007-1506 - Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote attackers to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters. ...
6 years ago

CVE-2017-11150 - Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents. ...
5 years ago

CVE-2019-11073 - A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. In order to exploit the ...
4 years ago

Latest Cyber News

CVE-2024-48007 - 18 hours ago
CVE-2024-48008 - 18 hours ago
CVE-2024-55889 - 18 hours ago
CVE-2024-11986 - 18 hours ago
CVE-2024-22461 - 18 hours ago
CVE-2024-38488 - 18 hours ago
CVE-2024-9608 - 20 hours ago
CVE-2024-11827 - 20 hours ago
CVE-2024-21576 - 20 hours ago
CVE-2024-21577 - 20 hours ago
CVE-2024-52065 - 21 hours ago
CVE-2024-52066 - 21 hours ago
CVE-2024-52059 - 21 hours ago
CVE-2024-52060 - 21 hours ago
CVE-2024-52061 - 21 hours ago
CVE-2024-52062 - 21 hours ago
CVE-2024-52063 - 21 hours ago
CVE-2024-52064 - 21 hours ago
CVE-2024-52058 - 21 hours ago
CVE-2021-32007 - 21 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-40849 - 3 days ago
CVE-2024-44219 - 3 days ago
CVE-2024-44303 - 3 days ago
CVE-2024-8116 - 2 days ago
CVE-2024-8650 - 2 days ago
CVE-2024-21575 - 1 day ago
CVE-2024-54842 - 1 day ago
CVE-2024-55633 - 1 day ago
CVE-2024-52901 - 1 day ago
CVE-2024-55099 - 1 day ago
CVE-2024-31670 - 1 day ago
CVE-2024-47238 - 1 day ago
CVE-2024-54810 - 1 day ago
CVE-2024-55662 - 1 day ago
CVE-2024-49071 - 1 day ago
CVE-2024-49147 - 1 day ago
CVE-2024-54811 - 1 day ago
CVE-2024-55663 - 1 day ago
CVE-2024-55875 - 1 day ago
CVE-2024-55876 - 1 day ago