|
261111
|
- |
|
simple_glossar
|
simple_glossar
|
Cross-site scripting (XSS) vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4164
|
2009-12-3 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261112
|
- |
|
simple_glossar
|
simple_glossar
|
SQL injection vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4165
|
2009-12-3 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261113
|
- |
|
michal_hadr
|
mchtrips
|
SQL injection vulnerability in the Trips (mchtrips) extension 2.0.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4166
|
2009-12-3 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261114
|
- |
|
scriptlerim
|
radio_isetek_scripti
|
RADIO istek scripti 2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user credentials via a direct request for estafresgaf…
|
CWE-255
Credentials Management
|
CVE-2009-4096
|
2009-12-2 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261115
|
- |
|
robo-ftp
|
robo-ftp
|
Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, allows remote FTP servers to cause a denial of service and possibly execute arbitrary code via unspecified FTP server responses. NOTE…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4103
|
2009-11-30 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261116
|
- |
|
dotnetnuke
|
dotnetnuke
|
The install wizard in DotNetNuke 4.0 through 5.1.4 does not prevent anonymous users from accessing functionality related to determination of the need for an upgrade, which allows remote attackers to …
|
CWE-200
Information Exposure
|
CVE-2009-4109
|
2009-11-30 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261117
|
- |
|
gforge
|
gforge
|
Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3303
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261118
|
- |
|
gforge
|
gforge
|
Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, 4.7.3, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4069
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261119
|
- |
|
gforge
|
gforge
|
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4070
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261120
|
- |
|
hp
|
openview_network_node_manager
|
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Er…
|
NVD-CWE-Other
|
CVE-2009-3840
|
2009-11-24 16:04 |
2009-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
