268191
|
- |
|
andrew_j.korty
|
pam_ssh
|
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier fo…
|
CWE-255
Credentials Management
|
CVE-2009-1273
|
2009-05-13 14:27 |
2009-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268192
|
- |
|
cgi_rescue
|
form2mail
|
Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form.
|
NVD-CWE-noinfo
|
CVE-2009-1590
|
2009-05-11 13:00 |
2009-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268193
|
- |
|
mitel
|
mitel_nupoint_messenger
|
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2008-6797
|
2009-05-8 13:00 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268194
|
- |
|
phpexplorer
|
phphotogallery
|
Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance…
|
CWE-89
SQL Injection
|
CVE-2008-6802
|
2009-05-8 13:00 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268195
|
- |
|
cisco
|
wrt54gc
|
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2009-1561
|
2009-05-7 13:00 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268196
|
- |
|
beltane
|
beltane
|
Cross-site request forgery (CSRF) vulnerability in Beltane before 2.3.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this…
|
CWE-352
Origin Validation Error
|
CVE-2009-1518
|
2009-05-5 13:00 |
2009-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268197
|
- |
|
abe_timmerman
|
zml.cgi
|
Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
NVD-CWE-Other
|
CVE-2001-1209
|
2009-04-30 13:08 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268198
|
- |
|
gecad
|
axigen_mail_server
|
Cross-site scripting (XSS) vulnerability in the web mail interface feature in AXIGEN Mail Server 6.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1484
|
2009-04-30 03:30 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268199
|
- |
|
apache
|
tiles
|
Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cro…
|
NVD-CWE-Other
|
CVE-2009-1275
|
2009-04-29 14:29 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268200
|
- |
|
mpg123
|
mpg123
|
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execut…
|
CWE-189
Numeric Errors
|
CVE-2009-1301
|
2009-04-29 14:29 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|