|
274281
|
- |
|
drupal
|
comment_upload_module
|
The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0569
|
2011-03-8 12:04 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274282
|
- |
|
drupal
|
openid
|
The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by an OpenID provider, which allows remote OpenID providers to spoof OpenID authentication for domain…
|
CWE-20
Improper Input Validation
|
CVE-2008-0570
|
2011-03-8 12:04 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274283
|
- |
|
drupal
|
userpoints_module
|
The point moderation form in the Userpoints 4.7.x before 4.7.x-2.3, 5.x-2 before 5.x-2.16, and 5.x-3 before 5.x-3.3 module for Drupal does not follow Drupal's Forms API submission model, which allows…
|
CWE-352
Origin Validation Error
|
CVE-2008-0571
|
2011-03-8 12:04 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274284
|
- |
|
drupal
|
project_issue_tracking_module
|
Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in th…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0576
|
2011-03-8 12:04 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274285
|
- |
|
drupal
|
project_issue_tracking_module
|
The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlie…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0577
|
2011-03-8 12:04 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274286
|
- |
|
apple
|
mac_os_x
|
X11 in Apple Mac OS X 10.5 through 10.5.1 does not properly handle when the "Allow connections from network client" preference is disabled, which allows remote attackers to bypass intended access res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0037
|
2011-03-8 12:03 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274287
|
- |
|
apple
|
mac_os_x
|
Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an uninstalled application to be launched if it is in a Time Machine backup, which might allow local users to bypass intended security res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0038
|
2011-03-8 12:03 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274288
|
- |
|
apple
|
mail
|
Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary commands via a crafted file:// URL.
|
CWE-94
Code Injection
|
CVE-2008-0039
|
2011-03-8 12:03 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274289
|
- |
|
apple
|
mac_os_x
|
Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via unknown vectors related to …
|
CWE-399
Resource Management Errors
|
CVE-2008-0040
|
2011-03-8 12:03 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274290
|
- |
|
apple
|
mac_os_x
|
Parental Controls in Apple Mac OS X 10.5 through 10.5.1 contacts www.apple.com "when a website is unblocked," which allows remote attackers to determine when a system is running Parental Controls.
|
CWE-200
Information Exposure
|
CVE-2008-0041
|
2011-03-8 12:03 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
