|
276001
|
- |
|
phpspot
|
php_\&_css_bbs
php_bbs
php_bbs_ce
php_image_capture_bbs
php_rss_builder
webshot
|
Directory traversal vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to read arbitrary …
|
CWE-22
Path Traversal
|
CVE-2009-3284
|
2009-09-24 13:00 |
2009-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276002
|
- |
|
phpspot
|
php_\&_css_bbs
php_bbs
php_bbs_ce
php_image_capture_bbs
php_rss_builder
webshot
|
Cross-site scripting (XSS) vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3283
|
2009-09-22 19:30 |
2009-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276003
|
- |
|
macournoyer
|
thin
|
lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X-Forwarded-For header to determine the IP address of the client, which allows remote attackers to spoof the IP address and hide a…
|
CWE-20
Improper Input Validation
|
CVE-2009-3287
|
2009-09-22 19:30 |
2009-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276004
|
- |
|
ibm
|
websphere_mq
|
Unspecified vulnerability in the rriDecompress function in IBM WebSphere MQ 7.0.0.0, 7.0.0.1, and 7.0.0.2 allows remote attackers to cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3159
|
2009-09-22 14:27 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276005
|
- |
|
ibm
|
websphere_mq
|
The server in IBM WebSphere MQ 7.0.0.1, 7.0.0.2, and 7.0.1.0 allows attackers to cause a denial of service (trap) or possibly have unspecified other impact via malformed data.
|
NVD-CWE-noinfo
|
CVE-2009-3161
|
2009-09-22 14:27 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276006
|
- |
|
livestreet
|
livestreet
|
update/update_0.1.2_to_0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2009-3261
|
2009-09-22 13:00 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276007
|
- |
|
livestreet
|
livestreet
|
Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the URI, as demonstrated by a SCRIPT element…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3256
|
2009-09-21 13:00 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276008
|
- |
|
livestreet
|
livestreet
|
Cross-site scripting (XSS) vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3260
|
2009-09-21 13:00 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276009
|
- |
|
ibm
|
tivoli_identity_manager
|
Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) in IBM Tivoli Identity Manager (ITIM) 5.0.0.5 allows remote authenticated users to inject arbitrary web script or HTML via the l…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3262
|
2009-09-21 13:00 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276010
|
- |
|
ibm
|
tivoli_identity_manager
|
Per http://www-01.ibm.com/support/docview.wss?uid=swg1IZ54747
A fix is available
IBM Tivoli Identity Manager, ver 5.0, Interim Fix 5.0.0.6-TIV-TIM-IF0031
|
CWE-79
Cross-site Scripting
|
CVE-2009-3262
|
2009-09-21 13:00 |
2009-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
