|
271271
|
- |
|
microsoft
|
internet_information_services
|
The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers …
|
CWE-200
Information Exposure
|
CVE-2003-1567
|
2009-01-16 14:00 |
2009-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271272
|
- |
|
punbb
|
punbb
|
Cross-site scripting (XSS) vulnerability in moderate.php in PunBB before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via a topic subject.
|
CWE-79
Cross-site Scripting
|
CVE-2008-5435
|
2009-01-15 15:33 |
2008-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271273
|
- |
|
goople_cms
|
goople_cms
|
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unk…
|
CWE-89
SQL Injection
|
CVE-2009-0121
|
2009-01-15 14:00 |
2009-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271274
|
- |
|
injader
|
injader
|
Cross-site scripting (XSS) vulnerability in the profile editing functionality in Injader before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: so…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5891
|
2009-01-13 05:00 |
2009-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271275
|
- |
|
intel
|
trusted_execution_technology
|
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation o…
|
NVD-CWE-noinfo
|
CVE-2009-0066
|
2009-01-8 14:00 |
2009-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271276
|
- |
|
sun
|
opensolaris
solaris
|
The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive inf…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5699
|
2009-01-6 15:02 |
2008-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271277
|
- |
|
fujitsu-siemens
|
webtransactions
|
Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2008-5842
|
2009-01-6 14:00 |
2009-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271278
|
- |
|
ibm
|
aix
|
enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print queue is defined in /etc/qconfig, allows local users to delete arbitrary files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5385
|
2008-12-17 15:40 |
2008-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271279
|
- |
|
ibm
|
aix
|
Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5386
|
2008-12-17 15:40 |
2008-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271280
|
- |
|
magnolia
|
ce
|
ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involvi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0701
|
2008-12-17 15:24 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
