CVE-2009-0394
Published 2009-02-03
Priority P341 · high · CVSS 2.0: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 0.95% (56.8th percentile)
SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ple_cms | ple_cms | — | — |
No detection rules found.
Bugzilla
CVE-2009-1093 [MEDIUM] OpenJDK remote LDAP Denial-Of-Service (6717680)
bugzilla · 2009-03-13 · CVSS 5.0
The LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang).
5.0 Update 17 and earlier;
6 Update 12 and earlier;
SDK and JRE 1.3.1_24 and earlier;
and 1.4.2_19 and earlier
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:0392 https://rhn.redhat.com/errata/RHSA-2009-0392.html
---
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:0394 https://rhn.redhat.com/errata/RHSA-2009-0394.html
---
Th
Bugzilla
CVE-2009-1094 [CRITICAL] OpenJDK LDAP client remote code execution (6737315)
bugzilla · 2009-03-13 · CVSS 10.0
An unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data.
5.0 Update 17 and earlier;
6 Update 12 and earlier;
SDK and JRE 1.3.1_24 and earlier;
and 1.4.2_19 and earlier
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:0392 https://rhn.redhat.com/errata/RHSA-2009-0392.html
---
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:0394 https://rhn.redhat.com/errata/RHSA-2009-0394.html
---
This issue
Bugzilla
CVE-2009-1098 [CRITICAL] OpenJDK GIF processing buffer overflow vulnerability (6804998)
bugzilla · 2009-03-13 · CVSS 9.3
Buffer overflow in Java SE Development Kit (JDK) and Java Runtime
Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier;
1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers
to access files or execute arbitrary code via a crafted GIF image, aka
CR 6804998.
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:0392 https://rhn.redhat.com/errata/RHSA-2009-0392.html
---
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:0394 https://rhn.redhat.com/errata/RHSA-2009-0394.html
---
This issue has been addressed in following pro