Seyed Behzad Shaghasemi

Researcher fromDeltaHacking.Net
#9454of 53,633
29.3Total CVSS
Vulnerabilities · 4
Medium
1
High
3
PT-2009-5254
9.3
2009-08-20
Pandoratv · Mplayer · CVE-2009-2896
Name of the Vulnerable Software and Affected Versions: KMplayer versions 2.9.4.1433 and earlier Description: The issue allows remote attackers to cause a denial of service or execute arbitrary code via a long string in a subtitle (.srt) playlist file. Recommendations: For KMplayer versions 2.9.4.1433 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-1862
7.5
2009-03-02
Remedia · Rae Media Contact Management · CVE-2008-6389
Name of the Vulnerable Software and Affected Versions: Rae Media Contact Management Software versions SOHO, Standard, and Enterprise Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `Password` parameter in the asadmin/default.asp file. Recommendations: For Rae Media Contact Management Software versions SOHO, Standard, and Enterprise, consider restricting access to the asadmin/default.asp file until a patch is available. As a temporary workaround, avoid using the `Password` parameter in the affected file to minimize the risk of exploitation.
PT-2009-1587
5.0
2009-02-11
Ez · Ez Ringtone Manager · CVE-2008-6112
**Name of the Vulnerable Software and Affected Versions** Ez Ringtone Manager (affected versions not specified) **Description** The issue concerns multiple directory traversal vulnerabilities. These vulnerabilities allow remote attackers to read arbitrary files by utilizing a .. (dot dot) in the `id` parameter within a detail action to API endpoints such as "main.php" and "template.php" in the "ringtones/" directory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2008-6651
7.5
2008-12-16
Kalptaru Infotech · Kalptaru Infotech Product Sale Framework · CVE-2008-5590
**Name of the Vulnerable Software and Affected Versions** Kalptaru Infotech Product Sale Framework version 0.1 beta **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `forum topic id` parameter in the customer.forumtopic.php file. **Recommendations** For Kalptaru Infotech Product Sale Framework version 0.1 beta, consider restricting access to the customer.forumtopic.php file until a patch is available, and avoid using the `forum topic id` parameter in this context to minimize the risk of exploitation.