270781
|
- |
|
fr.simon_rundell
|
pd_churchsearch
|
SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers…
|
CWE-89
SQL Injection
|
CVE-2008-6463
|
2009-08-19 14:23 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270782
|
- |
|
apache
|
struts
|
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI …
|
CWE-22
Path Traversal
|
CVE-2008-6505
|
2009-08-19 14:23 |
2009-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270783
|
- |
|
gpsdrive
|
gpsdrive
|
gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) example…
|
CWE-59
Link Following
|
CVE-2008-5703
|
2009-08-19 14:22 |
2008-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270784
|
- |
|
agares_media
|
arcadem_pro
|
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articl…
|
CWE-89
SQL Injection
|
CVE-2008-6040
|
2009-08-19 14:22 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270785
|
- |
|
gpsdrive
|
gpsdrive
|
gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.…
|
CWE-59
Link Following
|
CVE-2008-5380
|
2009-08-19 14:21 |
2008-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270786
|
- |
|
apple microsoft
|
mac_os_x mac_os_x_server windows_vista windows_xp safari
|
Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-2196
|
2009-08-18 13:00 |
2009-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270787
|
- |
|
freenas
|
freenas
|
Cross-site request forgery (CSRF) vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authentication of users for unspecified requests via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2738
|
2009-08-18 13:00 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270788
|
- |
|
ajsquare
|
aj_matrix_dna
|
SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action.
|
CWE-89
SQL Injection
|
CVE-2009-2779
|
2009-08-18 01:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270789
|
- |
|
sellatsite.com
|
smart_asp_survey
|
SQL injection vulnerability in showresult.asp in Smart ASP Survey allows remote attackers to execute arbitrary SQL commands via the catid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2776
|
2009-08-17 13:00 |
2009-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270790
|
- |
|
sun
|
java_system_access_manager java_system_web_server opensso_enterprise
|
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by read…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2712
|
2009-08-15 14:23 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|