271001
|
- |
|
abe_timmerman
|
zml.cgi
|
Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
NVD-CWE-Other
|
CVE-2001-1209
|
2009-04-30 13:08 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271002
|
- |
|
gecad
|
axigen_mail_server
|
Cross-site scripting (XSS) vulnerability in the web mail interface feature in AXIGEN Mail Server 6.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1484
|
2009-04-30 03:30 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271003
|
- |
|
apache
|
tiles
|
Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cro…
|
NVD-CWE-Other
|
CVE-2009-1275
|
2009-04-29 14:29 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271004
|
- |
|
mpg123
|
mpg123
|
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execut…
|
CWE-189
Numeric Errors
|
CVE-2009-1301
|
2009-04-29 14:29 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271005
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field i…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0664
|
2009-04-29 14:28 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271006
|
- |
|
hp
|
storage_essentials
|
Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-0715
|
2009-04-29 14:28 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271007
|
- |
|
novell
|
access_manager
|
Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that…
|
CWE-200
Information Exposure
|
CVE-2008-6722
|
2009-04-29 14:27 |
2009-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271008
|
- |
|
cisco
|
adaptive_security_appliance_5500 pix
|
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-…
|
CWE-287
Improper Authentication
|
CVE-2009-1155
|
2009-04-28 14:39 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271009
|
- |
|
cisco
|
adaptive_security_appliance_5500 pix
|
Per vendor advisory: http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml
"VPN Authentication Bypass Vulnerability
Cisco ASA or Cisco PIX security appliances tha…
|
CWE-287
Improper Authentication
|
CVE-2009-1155
|
2009-04-28 14:39 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271010
|
- |
|
cisco
|
adaptive_security_appliance_5500 pix
|
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote atta…
|
NVD-CWE-noinfo
|
CVE-2009-1156
|
2009-04-28 14:39 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|