270681
|
- |
|
dag.wieers
|
dstat
|
Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2…
|
NVD-CWE-Other
|
CVE-2009-4081
|
2009-12-31 16:04 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270682
|
- |
|
azeotech
|
daqfactory
|
Buffer overflow in the web service in AzeoTech DAQFactory 5.77 might allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Pr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4480
|
2009-12-31 14:00 |
2009-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270683
|
- |
|
mailsite
|
mailsite
|
Unspecified vulnerability in LDAP3A.exe in MailSite 8.0.4 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, as demonstrated by a certain module in VulnDisco Pac…
|
NVD-CWE-noinfo
|
CVE-2009-4483
|
2009-12-31 14:00 |
2009-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270684
|
- |
|
flatpress
|
flatpress
|
Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) contact.php, (2) login.php, and (3) searc…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4461
|
2009-12-31 05:00 |
2009-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270685
|
- |
|
php.html
|
kandalf_upper
|
Unrestricted file upload vulnerability in upper.php in kandalf upper 0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a di…
|
NVD-CWE-Other
|
CVE-2009-4451
|
2009-12-30 14:00 |
2009-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270686
|
- |
|
virtuemart
|
virtuemart
|
SQL injection vulnerability in index.php in VirtueMart 1.0 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a shop.product_details shop.flypage action.
|
CWE-89
SQL Injection
|
CVE-2009-4430
|
2009-12-29 14:00 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270687
|
- |
|
codemight
|
videocms
|
SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action.
|
CWE-89
SQL Injection
|
CVE-2009-4432
|
2009-12-29 14:00 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270688
|
- |
|
idevspot
|
isupport
|
Directory traversal vulnerability in index.php in IDevSpot iSupport 1.8 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4434
|
2009-12-29 14:00 |
2009-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270689
|
- |
|
fr.simon_rundell
|
pd_resources
|
Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4397
|
2009-12-28 14:00 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270690
|
- |
|
zend
|
framework
|
The shutdown function in the Zend_Log_Writer_Mail class in Zend Framework (ZF) allows context-dependent attackers to send arbitrary e-mail messages to any recipient address via vectors related to "ev…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4417
|
2009-12-28 14:00 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|