270971
|
- |
|
cisco
|
wrt54gc
|
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2009-1561
|
2009-05-7 13:00 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270972
|
- |
|
beltane
|
beltane
|
Cross-site request forgery (CSRF) vulnerability in Beltane before 2.3.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this…
|
CWE-352
Origin Validation Error
|
CVE-2009-1518
|
2009-05-5 13:00 |
2009-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270973
|
- |
|
abe_timmerman
|
zml.cgi
|
Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
NVD-CWE-Other
|
CVE-2001-1209
|
2009-04-30 13:08 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270974
|
- |
|
gecad
|
axigen_mail_server
|
Cross-site scripting (XSS) vulnerability in the web mail interface feature in AXIGEN Mail Server 6.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1484
|
2009-04-30 03:30 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270975
|
- |
|
apache
|
tiles
|
Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cro…
|
NVD-CWE-Other
|
CVE-2009-1275
|
2009-04-29 14:29 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270976
|
- |
|
mpg123
|
mpg123
|
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execut…
|
CWE-189
Numeric Errors
|
CVE-2009-1301
|
2009-04-29 14:29 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270977
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field i…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0664
|
2009-04-29 14:28 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270978
|
- |
|
hp
|
storage_essentials
|
Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-0715
|
2009-04-29 14:28 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270979
|
- |
|
novell
|
access_manager
|
Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that…
|
CWE-200
Information Exposure
|
CVE-2008-6722
|
2009-04-29 14:27 |
2009-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270980
|
- |
|
cisco
|
adaptive_security_appliance_5500 pix
|
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-…
|
CWE-287
Improper Authentication
|
CVE-2009-1155
|
2009-04-28 14:39 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|