|
271471
|
- |
|
typo3
|
ttpedit
|
SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-0338
|
2011-02-1 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271472
|
- |
|
phpmyadmin
|
phpmyadmin
|
libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2008-7252
|
2011-01-28 14:00 |
2010-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271473
|
- |
|
php
|
php
|
Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2010-2094
|
2011-01-26 15:48 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271474
|
- |
|
ibm
openafs
|
afs
openafs
|
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) vi…
|
CWE-189
Numeric Errors
|
CVE-2009-1250
|
2011-01-26 15:35 |
2009-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271475
|
- |
|
unix
openafs
|
unix
openafs
|
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system cras…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1251
|
2011-01-26 15:35 |
2009-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271476
|
- |
|
typsoft
|
typsoft_ftp_server
|
Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 i…
|
CWE-399
Resource Management Errors
|
CVE-2005-3294
|
2011-01-26 14:00 |
2005-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271477
|
- |
|
xfig
|
xfig
|
Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses t…
|
CWE-399
Resource Management Errors
|
CVE-2009-4228
|
2011-01-20 15:37 |
2009-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271478
|
- |
|
io-socket-ssl
|
io-socket-ssl
|
The verify_hostname_of_cert function in the certificate checking feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which all…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3024
|
2011-01-20 15:35 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271479
|
- |
|
wordpress
|
wordpress
|
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0682
|
2011-01-19 15:55 |
2010-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271480
|
- |
|
phpf1
|
max\'s_image_uploader
|
Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, a…
|
NVD-CWE-Other
|
CVE-2010-0390
|
2011-01-12 14:00 |
2010-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
