271291
|
- |
|
dokeos
|
dokeos
|
Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items vi…
|
CWE-352
Origin Validation Error
|
CVE-2009-2005
|
2009-06-9 13:00 |
2009-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271292
|
- |
|
drupal
|
drupal
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 allow (1) remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte se…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1844
|
2009-06-8 14:27 |
2009-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271293
|
- |
|
drupal
|
quiz
|
Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or qui…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1942
|
2009-06-8 13:00 |
2009-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271294
|
- |
|
ibm
|
websphere_application_server
|
Multiple cross-site scripting (XSS) vulnerabilities in sample applications in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, and 6.1 before 6.1.0.23 on z/OS, allow remote attackers to …
|
CWE-79
Cross-site Scripting
|
CVE-2009-0856
|
2009-06-5 13:00 |
2009-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271295
|
- |
|
openskip
|
skip
|
Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-1908
|
2009-06-5 13:00 |
2009-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271296
|
- |
|
openskip
|
skip
|
SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-1909
|
2009-06-5 13:00 |
2009-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271297
|
- |
|
mt312
|
rep-bbs
|
Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) model.php and (2) config.php with times…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1880
|
2009-06-3 00:30 |
2009-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271298
|
- |
|
benjamin_curtis
|
phpbugtracker
|
SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this infor…
|
CWE-89
SQL Injection
|
CVE-2009-1851
|
2009-06-2 13:00 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271299
|
- |
|
sun
|
iplanet_web_server one_web_server
|
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cr…
|
CWE-16
Configuration
|
CVE-2004-2763
|
2009-06-2 13:00 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271300
|
- |
|
sun
|
jmf
|
Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstr…
|
NVD-CWE-noinfo
|
CVE-2003-1572
|
2009-06-2 13:00 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|