271141
|
- |
|
cisco
|
application_control_engine_module ace_4710
|
The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by …
|
CWE-310
Cryptographic Issues
|
CVE-2009-0742
|
2009-02-27 14:00 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271142
|
- |
|
cisco
|
application_control_engine_module ace_4710
|
Note that CVE-2009-0742 is not referenced on the vendor advisory page at:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml
|
CWE-310
Cryptographic Issues
|
CVE-2009-0742
|
2009-02-27 14:00 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271143
|
- |
|
a4desk
|
a4desk_flash_event_calendar
|
SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php.
|
CWE-89
SQL Injection
|
CVE-2008-6104
|
2009-02-26 16:06 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271144
|
- |
|
futomi
|
access_analyzer_cgi
|
futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and Access Analyzer CGI Professional 4.11.3 and earlier use a predictable session id, which makes it easier for remote attackers to hija…
|
CWE-287
Improper Authentication
|
CVE-2008-5809
|
2009-02-26 16:05 |
2009-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271145
|
- |
|
sapporoworks
|
blackjumbodog
|
SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers to bypass authentication and obtain sensitive information via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2008-5721
|
2009-02-26 16:04 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271146
|
- |
|
eterm
|
eterm
|
Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attac…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1692
|
2009-02-26 15:51 |
2008-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271147
|
- |
|
aterm eterm mrxvt multi-aterm rxvt rxvt-unicode wterm
|
aterm eterm mrxvt multi-aterm rxvt rxvt-unicode wterm
|
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1142
|
2009-02-26 14:00 |
2008-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271148
|
- |
|
rakhisoftware
|
rakhisoftware_shopping_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in product.php in RakhiSoftware Price Comparison Script (aka Shopping Cart) allow remote attackers to inject arbitrary web script or HTML via the (…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6278
|
2009-02-26 14:00 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271149
|
- |
|
rakhisoftware
|
rakhisoftware_shopping_cart
|
RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error mess…
|
CWE-200
Information Exposure
|
CVE-2008-6279
|
2009-02-26 14:00 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271150
|
- |
|
tor
|
tor
|
Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors invol…
|
NVD-CWE-Other
|
CVE-2009-0654
|
2009-02-25 14:00 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|