271251
|
- |
|
drupal
|
internationalization
|
Unspecified vulnerability in Internationalization (i18n) Translation 5.x before 5.x-2.5, a module for Drupal, allows remote attackers with "translate node" permissions to bypass intended access restr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0382
|
2009-02-3 04:30 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271252
|
- |
|
hp
|
hplip
|
hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP in…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0122
|
2009-01-31 15:54 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271253
|
- |
|
apple
|
cups
|
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy a…
|
CWE-255
Credentials Management
|
CVE-2008-5184
|
2009-01-29 15:58 |
2008-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271254
|
- |
|
bizdirectory
|
bizdirectory
|
Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter in a search action to the default URI.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3941
|
2009-01-29 15:54 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271255
|
- |
|
openbsd
|
openssh
|
sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt wi…
|
CWE-16
Configuration
|
CVE-2004-2760
|
2009-01-29 14:37 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271256
|
- |
|
netscape
|
navigator
|
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
|
CWE-200
Information Exposure
|
CVE-2003-1560
|
2009-01-29 14:28 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271257
|
- |
|
opera
|
opera
|
Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer …
|
NVD-CWE-noinfo CWE-200
Information Exposure
|
CVE-2003-1561
|
2009-01-29 14:28 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271258
|
- |
|
webhelpdesk
|
web_help_desk
|
Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa.
|
CWE-79
Cross-site Scripting
|
CVE-2009-0303
|
2009-01-28 14:00 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271259
|
- |
|
ipswitch
|
imail
|
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers h…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-2795
|
2009-01-28 14:00 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271260
|
- |
|
ryneezy
|
phosheezy
|
Static code injection vulnerability in admin.php in Ryneezy phoSheezy 0.2 allows remote authenticated administrators to inject arbitrary PHP code into config/header via the header parameter. NOTE: t…
|
CWE-94
Code Injection
|
CVE-2009-0275
|
2009-01-27 05:30 |
2009-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|