|
276201
|
- |
|
scriptsez
|
ez_php_comment
|
Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment allows remote attackers to inject arbitrary web script or HTML via the name parameter. NOTE: the provenance of this information i…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0762
|
2009-03-6 15:50 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276202
|
- |
|
bookelves
|
kipper
|
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NO…
|
CWE-22
Path Traversal
|
CVE-2009-0766
|
2009-03-6 15:50 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276203
|
- |
|
berkeley
|
boinc_client
|
The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_d…
|
CWE-287
Improper Authentication
|
CVE-2009-0126
|
2009-03-6 15:49 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276204
|
- |
|
xchat
|
xchat
|
Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerabil…
|
NVD-CWE-Other
|
CVE-2009-0315
|
2009-03-6 15:49 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276205
|
- |
|
vivvo
|
vivvo
|
Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 allows remote attackers to inject arbitrary web script or HTML via a URI that triggers a 404 Page Not Found response.
|
CWE-79
Cross-site Scripting
|
CVE-2009-0466
|
2009-03-6 15:49 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276206
|
- |
|
devil
|
developers_image_library
|
Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5262
|
2009-03-6 15:46 |
2009-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276207
|
- |
|
dotnetnuke
|
dotnetnuke
|
Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional roles to their user account" via unknown attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6399
|
2009-03-6 14:00 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276208
|
- |
|
mihai_bazon
|
pical
|
Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2009-0805
|
2009-03-5 14:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276209
|
- |
|
opengoo
|
opengoo
|
Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their own permissions via unknown attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0806
|
2009-03-5 14:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276210
|
- |
|
php.brickhost
|
phpscheduleit
|
Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to execute arbitrary code via (1) the end_date parameter to reserve.php and (2) the start_date and end_da…
|
CWE-94
Code Injection
|
CVE-2009-0820
|
2009-03-5 14:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
