270711
|
- |
|
jce-tech
|
affiliate_master_datafeed_parser
|
Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3198
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270712
|
- |
|
debian
|
newsgate
|
mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file.
|
CWE-59
Link Following
|
CVE-2008-4975
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270713
|
- |
|
shrubbery
|
rancid
|
getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /…
|
CWE-59
Link Following
|
CVE-2008-4979
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270714
|
- |
|
zak_b_elep
|
rccp
|
delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file.
|
CWE-59
Link Following
|
CVE-2008-4980
|
2009-09-15 14:19 |
2008-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270715
|
- |
|
instantsoftwares
|
dating_site
|
Cross-site scripting (XSS) vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different product t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0131
|
2009-09-15 14:10 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270716
|
- |
|
zyxel
|
p-330w_router
|
Cross-site scripting (XSS) vulnerability in the web management interface in the ZyXEL P-330W router allows remote attackers to inject arbitrary web script or HTML via the pingstr parameter and other …
|
CWE-79
Cross-site Scripting
|
CVE-2007-6729
|
2009-09-15 14:10 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270717
|
- |
|
zyxel
|
p-330w_router
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for request…
|
CWE-352
Origin Validation Error
|
CVE-2007-6730
|
2009-09-15 14:10 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270718
|
- |
|
netkit-ftp
|
netkit_ftp
|
The dataconn function in ftpd.c in netkit ftpd (netkit-ftpd) 0.17, when certain modifications to support SSL have been introduced, calls fclose on an uninitialized file stream, which allows remote at…
|
CWE-20
Improper Input Validation
|
CVE-2007-6263
|
2009-09-15 14:09 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270719
|
- |
|
webevents
|
webevents
|
Cross-site scripting (XSS) vulnerability in webevent.cgi in WebEvent 2.61 through 4.03 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter. NOTE: the provenance of t…
|
NVD-CWE-Other
|
CVE-2007-4146
|
2009-09-15 14:05 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270720
|
- |
|
yoshinori_tahara geeklog
|
mycaljp geeklog
|
Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' plugin 2.0.0 through 2.0.6, as used in the Japanese extended package of Geeklog 1.5.0 through 1.5.2 and when distributed 20090629 o…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3021
|
2009-09-15 13:00 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|