270991
|
- |
|
drupal
|
nodeaccess_userreference
|
The Node Access User Reference module 5.x before 5.x-2.0-beta4 and 6.x before 6.x-2.0-beta6, a module for Drupal, interprets an empty CCK user reference as a reference to the anonymous user, which mi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1507
|
2009-05-13 14:28 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270992
|
- |
|
r020
|
tematres
|
Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_pass…
|
CWE-89
SQL Injection
|
CVE-2009-1585
|
2009-05-13 14:28 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270993
|
- |
|
hp
|
openview_network_node_manager
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo CWE-94
Code Injection
|
CVE-2009-0720
|
2009-05-13 14:27 |
2009-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270994
|
- |
|
mpfr
|
gnu_mpfr
|
Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of service (crash) via the (1) mpfr_snprintf and (2) mpfr_vsnprintf functions.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0757
|
2009-05-13 14:27 |
2009-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270995
|
- |
|
andrew_j.korty
|
pam_ssh
|
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier fo…
|
CWE-255
Credentials Management
|
CVE-2009-1273
|
2009-05-13 14:27 |
2009-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270996
|
- |
|
cgi_rescue
|
form2mail
|
Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form.
|
NVD-CWE-noinfo
|
CVE-2009-1590
|
2009-05-11 13:00 |
2009-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270997
|
- |
|
mitel
|
mitel_nupoint_messenger
|
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2008-6797
|
2009-05-8 13:00 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270998
|
- |
|
phpexplorer
|
phphotogallery
|
Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance…
|
CWE-89
SQL Injection
|
CVE-2008-6802
|
2009-05-8 13:00 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270999
|
- |
|
cisco
|
wrt54gc
|
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2009-1561
|
2009-05-7 13:00 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271000
|
- |
|
beltane
|
beltane
|
Cross-site request forgery (CSRF) vulnerability in Beltane before 2.3.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this…
|
CWE-352
Origin Validation Error
|
CVE-2009-1518
|
2009-05-5 13:00 |
2009-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|