271071
|
- |
|
tkman
|
tkman
|
tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file.
|
CWE-59
Link Following
|
CVE-2008-5137
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271072
|
- |
|
javier_fernandez
|
jailer
|
updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file.
|
CWE-59
Link Following
|
CVE-2008-5139
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271073
|
- |
|
federico_di_gregorio
|
nvidia-cg-toolkit
|
nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file.
|
CWE-59
Link Following
|
CVE-2008-5144
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271074
|
- |
|
aucko
|
libncbi6
|
fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
|
CWE-59
Link Following
|
CVE-2008-5149
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271075
|
- |
|
smsclient
|
smsclient
|
mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary file…
|
CWE-59
Link Following
|
CVE-2008-5155
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271076
|
- |
|
fotoware
|
fotoweb
|
Multiple cross-site scripting (XSS) vulnerabilities in FotoWeb 6.0 (Build 273) allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to cmdrequest/Login.fwx and the (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0573
|
2009-02-16 14:00 |
2009-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271077
|
- |
|
fail2ban
|
fail2ban
|
filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved D…
|
CWE-287
Improper Authentication
|
CVE-2009-0362
|
2009-02-13 14:00 |
2009-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271078
|
- |
|
modernmethod
|
sajax
|
Cross-site scripting (XSS) vulnerability in the sajax_get_common_js function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0525
|
2009-02-12 14:00 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271079
|
- |
|
semanticscuttle
|
semanticscuttle
|
Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php.
|
NVD-CWE-noinfo
|
CVE-2008-6110
|
2009-02-11 14:00 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271080
|
- |
|
ibm
|
db2
|
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.
|
CWE-287
Improper Authentication
|
CVE-2007-1228
|
2009-02-11 14:00 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|