SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter.
Publication date: Sat, 16 May 2009 23:30:00 +0000
Cyber News related to CVE-2009-1651
CVE-2002-2151 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1651. Reason: This candidate is a duplicate of CVE-2002-1651. Notes: All CVE users should reference CVE-2002-1651 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago
CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago
CVE-2009-1651 - SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. ...
7 years ago
CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
54 years ago Tenable.com
CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago
CVE-2021-1651 - Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1680. ...
3 years ago
CVE-2021-1680 - Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1651. ...
3 years ago
CVE-2005-1651 - Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the wmm parameter. ...
16 years ago
CVE-2007-1651 - Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has ...
16 years ago
CVE-2011-1651 - Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095. ...
13 years ago
CVE-2012-1651 - Cross-site scripting (XSS) vulnerability in the Submenu Tree module before 6.x-1.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. ...
12 years ago
CVE-2013-1651 - OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof update servers and install arbitrary software ...
10 years ago
CVE-2020-1651 - On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. By continuously sending this ...
3 years ago
CVE-2002-1651 - Cross-site scripting (XSS) vulnerability in Verity Search97 allows remote attackers to insert arbitrary web content and steal sensitive information from other clients, possibly due to certain error messages from template pages that use the (1) ...
7 years ago
CVE-2004-1651 - Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Lastname fields during new user registration, or (3) the ...
7 years ago
CVE-2010-1651 - IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11, when Basic authentication and SIP tracing (aka full trace logging for SIP) are enabled, logs the entirety of all inbound and outbound SIP messages, which allows ...
7 years ago
CVE-2014-1651 - SQL injection vulnerability in clientreport.php in the management console in Symantec Web Gateway (SWG) before 5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. ...
6 years ago
CVE-2008-1651 - Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. Additional information can be found at:
...
6 years ago
CVE-2015-1651 - Use-after-free vulnerability in Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free ...
6 years ago
CVE-2006-1651 - ** DISPUTED ** Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6 packets. NOTE: An established researcher has disputed this issue, saying that "Neither ISA ...
6 years ago
CVE-2016-1651 - fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does not properly implement the sycc420_to_rgb and sycc422_to_rgb functions, which allows remote attackers to obtain sensitive information from process memory ...
6 years ago
CVE-2017-1651 - IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus ...
5 years ago
CVE-2019-1651 - A vulnerability in the vContainer of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and execute arbitrary code as the root user. The vulnerability is due to improper bounds ...
5 years ago
CVE-2023-1651 - The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in the AJAX action responsible to update the OpenAI settings, allowing any authenticated users, such as subscriber to update them. Furthermore, due to the lack of ...
1 year ago