|
275621
|
- |
|
mauro_lorenzutti
|
wfqbe
|
Unspecified vulnerability in the DB Integration (wfqbe) extension 1.3.1 and earlier for TYPO3 allows local users to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2009-4162
|
2009-12-3 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275622
|
- |
|
simple_glossar
|
simple_glossar
|
Cross-site scripting (XSS) vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4164
|
2009-12-3 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275623
|
- |
|
simple_glossar
|
simple_glossar
|
SQL injection vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4165
|
2009-12-3 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275624
|
- |
|
michal_hadr
|
mchtrips
|
SQL injection vulnerability in the Trips (mchtrips) extension 2.0.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4166
|
2009-12-3 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275625
|
- |
|
scriptlerim
|
radio_isetek_scripti
|
RADIO istek scripti 2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user credentials via a direct request for estafresgaf…
|
CWE-255
Credentials Management
|
CVE-2009-4096
|
2009-12-2 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275626
|
- |
|
robo-ftp
|
robo-ftp
|
Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, allows remote FTP servers to cause a denial of service and possibly execute arbitrary code via unspecified FTP server responses. NOTE…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4103
|
2009-11-30 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275627
|
- |
|
dotnetnuke
|
dotnetnuke
|
The install wizard in DotNetNuke 4.0 through 5.1.4 does not prevent anonymous users from accessing functionality related to determination of the need for an upgrade, which allows remote attackers to …
|
CWE-200
Information Exposure
|
CVE-2009-4109
|
2009-11-30 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275628
|
- |
|
gforge
|
gforge
|
Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3303
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275629
|
- |
|
gforge
|
gforge
|
Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, 4.7.3, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4069
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275630
|
- |
|
gforge
|
gforge
|
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4070
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
