Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities by phpscriptsnow
CVE-2009-4715 (GCVE-0-2009-4715)
Vulnerability from cvelistv5 – Published: 2010-03-15 21:00 – Updated: 2024-08-07 07:17
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in rates.php in Real Time Currency Exchange allows remote attackers to inject arbitrary web script or HTML via the Amount parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:24.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "realtime-rates-xss(51853)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51853"
},
{
"name": "56081",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/56081"
},
{
"name": "35936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35936"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/rtce-xss.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in rates.php in Real Time Currency Exchange allows remote attackers to inject arbitrary web script or HTML via the Amount parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "realtime-rates-xss(51853)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51853"
},
{
"name": "56081",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/56081"
},
{
"name": "35936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35936"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/rtce-xss.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4715",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in rates.php in Real Time Currency Exchange allows remote attackers to inject arbitrary web script or HTML via the Amount parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "realtime-rates-xss(51853)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51853"
},
{
"name": "56081",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/56081"
},
{
"name": "35936",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35936"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/rtce-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/rtce-xss.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4715",
"datePublished": "2010-03-15T21:00:00.000Z",
"dateReserved": "2010-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:17:24.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4685 (GCVE-0-2009-4685)
Vulnerability from cvelistv5 – Published: 2010-03-10 22:00 – Updated: 2024-08-07 07:08
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in celebrities.php in PHP Scripts Now Astrology allows remote attackers to inject arbitrary web script or HTML via the day parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2009-07-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:08:38.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/astrology-xss.txt"
},
{
"name": "35933",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35933"
},
{
"name": "astrology-day-xss(51856)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51856"
},
{
"name": "56083",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/56083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in celebrities.php in PHP Scripts Now Astrology allows remote attackers to inject arbitrary web script or HTML via the day parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/astrology-xss.txt"
},
{
"name": "35933",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35933"
},
{
"name": "astrology-day-xss(51856)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51856"
},
{
"name": "56083",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/56083"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in celebrities.php in PHP Scripts Now Astrology allows remote attackers to inject arbitrary web script or HTML via the day parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/0907-exploits/astrology-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/astrology-xss.txt"
},
{
"name": "35933",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35933"
},
{
"name": "astrology-day-xss(51856)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51856"
},
{
"name": "56083",
"refsource": "OSVDB",
"url": "http://osvdb.org/56083"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4685",
"datePublished": "2010-03-10T22:00:00.000Z",
"dateReserved": "2010-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:08:38.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2888 (GCVE-0-2009-2888)
Vulnerability from cvelistv5 – Published: 2009-08-20 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
SQL injection vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to execute arbitrary SQL commands via the n parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hangman-index-sql(51884)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51884"
},
{
"name": "56075",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/56075"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt"
},
{
"name": "35888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to execute arbitrary SQL commands via the n parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hangman-index-sql(51884)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51884"
},
{
"name": "56075",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/56075"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt"
},
{
"name": "35888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35888"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to execute arbitrary SQL commands via the n parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hangman-index-sql(51884)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51884"
},
{
"name": "56075",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/56075"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt"
},
{
"name": "35888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35888"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2888",
"datePublished": "2009-08-20T17:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2885 (GCVE-0-2009-2885)
Vulnerability from cvelistv5 – Published: 2009-08-20 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35935"
},
{
"name": "phpscripts-bios-sql-injection(51870)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51870"
},
{
"name": "56121",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/56121"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in bios.php in PHP Scripts Now World\u0027s Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35935"
},
{
"name": "phpscripts-bios-sql-injection(51870)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51870"
},
{
"name": "56121",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/56121"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in bios.php in PHP Scripts Now World\u0027s Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35935"
},
{
"name": "phpscripts-bios-sql-injection(51870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51870"
},
{
"name": "56121",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/56121"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2885",
"datePublished": "2009-08-20T17:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2887 (GCVE-0-2009-2887)
Vulnerability from cvelistv5 – Published: 2009-08-20 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to inject arbitrary web script or HTML via the rank parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/presidentbios-sqlxss.txt"
},
{
"name": "phpscripts-bios-xss(51871)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51871"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to inject arbitrary web script or HTML via the rank parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/presidentbios-sqlxss.txt"
},
{
"name": "phpscripts-bios-xss(51871)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51871"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to inject arbitrary web script or HTML via the rank parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35935"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/presidentbios-sqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/presidentbios-sqlxss.txt"
},
{
"name": "phpscripts-bios-xss(51871)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51871"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2887",
"datePublished": "2009-08-20T17:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2884 (GCVE-0-2009-2884)
Vulnerability from cvelistv5 – Published: 2009-08-20 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35935"
},
{
"name": "phpscripts-bios-xss(51871)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51871"
},
{
"name": "56122",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/56122"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World\u0027s Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35935"
},
{
"name": "phpscripts-bios-xss(51871)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51871"
},
{
"name": "56122",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/56122"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World\u0027s Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35935"
},
{
"name": "phpscripts-bios-xss(51871)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51871"
},
{
"name": "56122",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/56122"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2884",
"datePublished": "2009-08-20T17:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2889 (GCVE-0-2009-2889)
Vulnerability from cvelistv5 – Published: 2009-08-20 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56074",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/56074"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt"
},
{
"name": "35888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35888"
},
{
"name": "hangman-index-xss(51883)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51883"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "56074",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/56074"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt"
},
{
"name": "35888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35888"
},
{
"name": "hangman-index-xss(51883)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51883"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56074",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/56074"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt"
},
{
"name": "35888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35888"
},
{
"name": "hangman-index-xss(51883)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51883"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2889",
"datePublished": "2009-08-20T17:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2886 (GCVE-0-2009-2886)
Vulnerability from cvelistv5 – Published: 2009-08-20 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
SQL injection vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to execute arbitrary SQL commands via the rank parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/presidentbios-sqlxss.txt"
},
{
"name": "phpscripts-bios-sql-injection(51870)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51870"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to execute arbitrary SQL commands via the rank parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/presidentbios-sqlxss.txt"
},
{
"name": "phpscripts-bios-sql-injection(51870)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51870"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to execute arbitrary SQL commands via the rank parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35935"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/presidentbios-sqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/presidentbios-sqlxss.txt"
},
{
"name": "phpscripts-bios-sql-injection(51870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51870"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2886",
"datePublished": "2009-08-20T17:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2890 (GCVE-0-2009-2890)
Vulnerability from cvelistv5 – Published: 2009-08-20 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in results.php in PHP Scripts Now Riddles allows remote attackers to inject arbitrary web script or HTML via the searchquery parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt"
},
{
"name": "riddles-results-xss(51874)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51874"
},
{
"name": "56124",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/56124"
},
{
"name": "35932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35932"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in results.php in PHP Scripts Now Riddles allows remote attackers to inject arbitrary web script or HTML via the searchquery parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt"
},
{
"name": "riddles-results-xss(51874)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51874"
},
{
"name": "56124",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/56124"
},
{
"name": "35932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35932"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in results.php in PHP Scripts Now Riddles allows remote attackers to inject arbitrary web script or HTML via the searchquery parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt"
},
{
"name": "riddles-results-xss(51874)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51874"
},
{
"name": "56124",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/56124"
},
{
"name": "35932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35932"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2890",
"datePublished": "2009-08-20T17:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2891 (GCVE-0-2009-2891)
Vulnerability from cvelistv5 – Published: 2009-08-20 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2009-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt"
},
{
"name": "56123",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/56123"
},
{
"name": "35932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35932"
},
{
"name": "riddles-list-sql-injection(51872)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51872"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt"
},
{
"name": "56123",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/56123"
},
{
"name": "35932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35932"
},
{
"name": "riddles-list-sql-injection(51872)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51872"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt"
},
{
"name": "56123",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/56123"
},
{
"name": "35932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35932"
},
{
"name": "riddles-list-sql-injection(51872)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51872"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2891",
"datePublished": "2009-08-20T17:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}