|
268211
|
- |
|
rim
|
blackberry_enterprise_server
|
Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Serv…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0307
|
2009-04-28 14:37 |
2009-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268212
|
- |
|
apache
|
struts
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6682
|
2009-04-28 14:37 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268213
|
- |
|
silverstripe
|
silverstripe
|
SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows remote attackers to execute arbitrary SQL commands via the filename parameter.
|
CWE-89
SQL Injection
|
CVE-2009-1433
|
2009-04-27 13:00 |
2009-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268214
|
- |
|
quickersite
|
quickersite
|
asp/bs_login.asp in QuickerSite 1.8.5 does not properly restrict access to administrative functionality, which allows remote attackers to (1) change the admin password via the cSaveAdminPW action; (2…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6673
|
2009-04-23 14:57 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268215
|
- |
|
quickersite
|
quickersite
|
mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via a large number of requests with a modified sEmail parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6674
|
2009-04-23 14:57 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268216
|
- |
|
quickersite
|
quickersite
|
Unrestricted file upload vulnerability in fckeditor251/editor/filemanager/connectors/asp/upload.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary code by uploading a file with an …
|
CWE-94
Code Injection
|
CVE-2008-6677
|
2009-04-23 14:57 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268217
|
- |
|
gscripts
|
dns_tools
|
dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the detail…
|
CWE-20
Improper Input Validation
|
CVE-2009-1361
|
2009-04-23 13:00 |
2009-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268218
|
- |
|
mark_girling
|
myshoutpro
|
Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2006-7238
|
2009-04-22 13:00 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268219
|
- |
|
drupal
|
print
|
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.5 and 6.x before 6.x-1.5, a module for Drupal, allows remote attackers to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1343
|
2009-04-21 13:00 |
2009-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268220
|
- |
|
drupal
|
cck_comment_reference
|
Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via certain commen…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1342
|
2009-04-20 23:30 |
2009-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
