268041
|
- |
|
secureideas
|
basic_analysis_and_security_engine
|
SQL injection vulnerability in base_ag_common.php in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. NO…
|
CWE-89
SQL Injection
|
CVE-2009-4838
|
2012-07-3 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268042
|
- |
|
secureideas
|
basic_analysis_and_security_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4839
|
2012-07-3 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268043
|
- |
|
secureideas
|
basic_analysis_and_security_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6156
|
2012-07-3 13:00 |
2007-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268044
|
- |
|
acid secureideas
|
analysis_console_for_intrusion_databases basic_analysis_and_security_engine
|
Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2,…
|
CWE-89
SQL Injection
|
CVE-2005-3325
|
2012-07-3 13:00 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268045
|
- |
|
david_paleino
|
wicd
|
The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly includin…
|
CWE-16
Configuration
|
CVE-2009-0489
|
2012-07-2 13:00 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268046
|
- |
|
php
|
php
|
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2001-1247
|
2012-06-25 13:00 |
2001-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268047
|
- |
|
perforce
|
perforce_server
|
Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (dot dot) in the argument to the "p4 add" command.
|
CWE-22
Path Traversal
|
CVE-2010-0933
|
2012-06-15 13:00 |
2010-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268048
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors.
|
CWE-20
Improper Input Validation
|
CVE-2007-5540
|
2012-06-8 06:14 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268049
|
- |
|
opera
|
opera_browser
|
Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handl…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1082
|
2012-06-8 03:06 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268050
|
- |
|
opera
|
opera_browser
|
Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties.
|
CWE-94
Code Injection
|
CVE-2008-1081
|
2012-06-8 03:02 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|