|
267731
|
- |
|
fr.simon_rundell
|
pd_resources
|
Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4397
|
2009-12-28 14:00 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267732
|
- |
|
zend
|
framework
|
The shutdown function in the Zend_Log_Writer_Mail class in Zend Framework (ZF) allows context-dependent attackers to send arbitrary e-mail messages to any recipient address via vectors related to "ev…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4417
|
2009-12-28 14:00 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267733
|
- |
|
nvidia
|
video_driver
|
NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-3532
|
2009-12-28 14:00 |
2007-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267734
|
- |
|
rocomotion
|
p_forum
|
Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2009-4383
|
2009-12-24 14:00 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267735
|
- |
|
daniel_regelein
|
dr_blob
|
Cross-site scripting (XSS) vulnerability in the File list (dr_blob) extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4391
|
2009-12-24 04:50 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267736
|
- |
|
jochen_rieger
|
car
|
SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4390
|
2009-12-24 04:03 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267737
|
- |
|
robert_puntigam
|
aba_watchdog
|
Unspecified vulnerability in the Watchdog (aba_watchdog) extension 2.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-4389
|
2009-12-24 03:46 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267738
|
- |
|
frank_krger
|
nl_listman
|
Cross-site scripting (XSS) vulnerability in the ListMan (nl_listman) extension 1.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4388
|
2009-12-24 03:37 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267739
|
- |
|
scriptsez
|
ez_poll_hoster
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) allow remote attackers to (1) hijack the authentication of arbitrary users for requests that delete po…
|
CWE-352
Origin Validation Error
|
CVE-2009-4385
|
2009-12-24 03:02 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267740
|
- |
|
scriptsez
|
ez_poll_hoster
|
Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) allow remote attackers to inject arbitrary web script or HTML via the (1) pid parameter in a code action to i…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4384
|
2009-12-24 02:57 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
