|
275691
|
- |
|
bpowerhouse
|
bpholidaylettings
|
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters.
|
CWE-89
SQL Injection
|
CVE-2009-3503
|
2009-10-1 13:00 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275692
|
- |
|
alibabaclone
|
alibaba_clone
|
SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-3504
|
2009-10-1 13:00 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275693
|
- |
|
henriksjokvist
|
markdown_preview
|
Cross-site scripting (XSS) vulnerability in the live preview feature in the Markdown Preview module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via "Markdown input."
|
CWE-79
Cross-site Scripting
|
CVE-2009-3437
|
2009-09-30 13:00 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275694
|
- |
|
apple
|
safari
|
Apple Safari, possibly before 4.0.3, on Mac OS X does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-mi…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3455
|
2009-09-30 13:00 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275695
|
- |
|
google
|
chrome
|
Google Chrome, possibly 3.0.195.21 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-mid…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3456
|
2009-09-30 13:00 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275696
|
- |
|
internet2
|
shibboleth-sp
|
Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fi…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3475
|
2009-09-30 13:00 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275697
|
- |
|
steve_lockwood
|
node2node
|
Multiple unspecified vulnerabilities in the Node2Node module for Drupal have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3353
|
2009-09-29 13:00 |
2009-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275698
|
- |
|
fastballproductions
|
com_fastball
|
SQL injection vulnerability in the Fastball (com_fastball) component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-3443
|
2009-09-29 13:00 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275699
|
- |
|
code-crafters
|
ability_mail_server
|
Unspecified vulnerability in Code-Crafters Ability Mail Server before 2.70 allows remote attackers to cause a denial of service (daemon crash) via an IMAP4 FETCH command.
|
NVD-CWE-noinfo
|
CVE-2009-3445
|
2009-09-29 13:00 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275700
|
- |
|
mcafee
|
email_and_web_security_appliance
|
Unspecified vulnerability in McAfee Email and Web Security Appliance 5.1 VMtrial allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by a certain module in VulnDisco …
|
NVD-CWE-noinfo
|
CVE-2009-3339
|
2009-09-28 13:00 |
2009-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
