|
268031
|
- |
|
verlihub-project
|
verlihub_control_panel
|
Multiple cross-site scripting (XSS) vulnerabilities in Verlihub Control Panel (VHCP) 1.7e allow remote attackers to inject arbitrary web script or HTML via (1) the nick parameter in a login action to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2569
|
2009-07-23 02:30 |
2009-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268032
|
- |
|
3ds
ibm
|
enovia_smarteam
catia
|
The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibly CATIA and other products, allows remote authenticated users to read the profile card of an object…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0809
|
2009-07-22 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268033
|
- |
|
3ds
ibm
|
enovia_smarteam
catia
|
Per http://www-01.ibm.com/support/docview.wss?uid=swg1HD80332
"Scenario:
1. Create a document class and give permissions to joe only.
2. When someone else but joe logs onto Web editor, and does …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0809
|
2009-07-22 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268034
|
- |
|
gnu
|
mailman
|
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
|
NVD-CWE-Other
|
CVE-2002-0388
|
2009-07-22 06:00 |
2002-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268035
|
- |
|
bistudio
|
arma
arma_2
|
Format string vulnerability in Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service (crash) and possibl…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2009-2548
|
2009-07-21 13:00 |
2009-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268036
|
- |
|
bistudio
|
arma
arma_2
|
Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service via a join packet with a final field whose value i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2549
|
2009-07-21 13:00 |
2009-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268037
|
- |
|
iglues
|
bulmages-servers
|
bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) cr…
|
CWE-59
Link Following
|
CVE-2008-4943
|
2009-07-21 13:00 |
2008-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268038
|
- |
|
atmail
|
\@tmail
|
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: …
|
CWE-79
Cross-site Scripting
|
CVE-2009-2455
|
2009-07-20 13:00 |
2009-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268039
|
- |
|
convirture
|
convirt
|
convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh…
|
CWE-59
Link Following
|
CVE-2008-4946
|
2009-07-20 13:00 |
2008-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268040
|
- |
|
duncan_webb
|
freevo
|
freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary f…
|
CWE-59
Link Following
|
CVE-2008-4955
|
2009-07-20 13:00 |
2008-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
