|
276011
|
- |
|
mozilla
|
bugzilla
|
token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent attackers to d…
|
CWE-255
Credentials Management
|
CVE-2009-3166
|
2009-09-19 14:32 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276012
|
- |
|
apple
|
mac_os_x
mac_os_x_server
java_1.4
java_1.5
java_1.6
|
Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2205
|
2009-09-19 14:30 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276013
|
- |
|
intertwingly
|
planet
planet_venus
|
Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2937
|
2009-09-18 19:30 |
2009-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276014
|
- |
|
ohwada
|
xf-section
|
Cross-site scripting (XSS) vulnerability in the Happy Linux XF-Section module 1.12a for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3240
|
2009-09-18 19:30 |
2009-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276015
|
- |
|
punbb
|
punbb
|
Cross-site request forgery (CSRF) vulnerability in PunBB before 1.2.17 allows remote attackers to hijack the authentication of unspecified users for requests related to a logout, probably a forced lo…
|
CWE-352
Origin Validation Error
|
CVE-2008-7241
|
2009-09-18 13:00 |
2009-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276016
|
- |
|
cameron_morland
|
changetrack
|
changetrack 4.3 allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack.
|
CWE-78
OS Command
|
CVE-2009-3233
|
2009-09-17 19:30 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276017
|
- |
|
sun
|
opensolaris
solaris
|
Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) inter…
|
NVD-CWE-noinfo
|
CVE-2009-2136
|
2009-09-17 14:26 |
2009-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276018
|
- |
|
sun
|
opensolaris
solaris
|
Per http://sunsolve.sun.com/search/document.do?assetkey=1-66-257008-1
"Note 2: A system is only vulnerable to this issue if it is using a GigaSwift Ethernet Adapter (CE) interface (ce(7D)) which h…
|
NVD-CWE-noinfo
|
CVE-2009-2136
|
2009-09-17 14:26 |
2009-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276019
|
- |
|
almondsoft
|
almond_classifieds
|
Multiple cross-site scripting (XSS) vulnerabilities in AlmondSoft Almond Classifieds Wap and Pro, and possibly Almond Affiliate Network Classifieds, allow remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3225
|
2009-09-17 13:00 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276020
|
- |
|
almondsoft
|
affiliate_network_classifieds
almond_classifieds
|
SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to execute arbitrary SQL commands via the rep…
|
CWE-89
SQL Injection
|
CVE-2009-3226
|
2009-09-17 13:00 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
