SQL injection vulnerability in index.php in Rentventory allows remote attackers to execute arbitrary SQL commands via the product parameter.
Publication date: Wed, 08 Jul 2009 00:30:00 +0000
Cyber News related to CVE-2009-2339
CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago
CVE-2012-2699 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2339. Reason: This candidate is a duplicate of CVE-2012-2339. Notes: All CVE users should reference CVE-2012-2339 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago
CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
54 years ago Tenable.com
CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago
CVE-2009-2339 - SQL injection vulnerability in index.php in Rentventory allows remote attackers to execute arbitrary SQL commands via the product parameter. ...
7 years ago
CVE-2008-2339 - SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and ...
6 years ago
CVE-2015-2338 - TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly ...
7 years ago
CVE-2015-2339 - TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly ...
7 years ago
CVE-2021-2339 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols ...
3 years ago
CVE-2002-2339 - Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) imageright, (4) imgright, (5) imageleft, and (6) ...
16 years ago
CVE-2005-2339 - Cross-site scripting (XSS) vulnerability in the Unicode version of msearch (unicode-msearch) 1.51(U1)-beta1, 1.51(U1), and 1.52(U1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
16 years ago
CVE-2006-2339 - SQL injection vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x allows remote attackers to execute arbitrary SQL commands via the (1) cat_id and (2) id parameters. ...
7 years ago
CVE-2017-2339 - A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of ...
7 years ago
CVE-2010-2339 - SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to execute arbitrary SQL commands via the categoryids[] parameter in an update_pages action. ...
7 years ago
CVE-2012-2339 - Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "taxonomy information." ...
7 years ago
CVE-2014-2339 - Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) content parameter. ...
7 years ago
CVE-2011-2339 - WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability ...
7 years ago
CVE-2016-2339 - An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array ...
6 years ago
CVE-2007-2339 - Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow remote attackers to execute arbitrary SQL commands via (1) a modified recipients parameter name in (a) pm.php; (2) the curr parameter to the (b) badwords (aka censorlist) or (c) ...
6 years ago
CVE-2004-2339 - ** DISPUTED ** Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its ...
5 years ago
CVE-2013-2339 - HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive ...
5 years ago
CVE-2019-2339 - Out of bound access due to lack of check of whitelist array size while reading the image elf segments in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon ...
4 years ago
CVE-2022-2339 - With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read its contents. This attack can lead to leak of sensitive information. ...
2 years ago
CVE-2023-2339 - Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. ...
1 year ago