|
270741
|
- |
|
kristof_de_jaeger
|
commentreference
|
The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4520
|
2010-01-6 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270742
|
- |
|
joao_ventura
|
print
|
The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, does not properly enforce privilege requiremen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4526
|
2010-01-5 04:51 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270743
|
- |
|
pedro_lineu_orso
|
sarg
|
Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7250
|
2010-01-5 02:31 |
2009-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270744
|
- |
|
mailsite
|
mailsite
|
LDAP3A.exe in MailSite 8.0.4 allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) via unspecified vectors, as demonstrated by a certain module in VulnDisco P…
|
CWE-399
Resource Management Errors
|
CVE-2009-4479
|
2010-01-4 14:00 |
2009-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270745
|
- |
|
tversity
|
tversity
|
Buffer overflow in MediaServer.exe in TVersity 1.6 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by the vd_tversity module in VulnDisco Pack Professional …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4482
|
2010-01-4 14:00 |
2009-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270746
|
- |
|
sergey_lyubka
|
mongoose
|
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending ::$DATA to the URI.
|
CWE-200
Information Exposure
|
CVE-2009-4530
|
2010-01-4 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270747
|
- |
|
nanwich
|
faq_ask
|
Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via un…
|
NVD-CWE-Other
|
CVE-2009-4534
|
2010-01-4 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270748
|
- |
|
zabbix
|
zabbix
|
The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix Server before 1.6.8 allows remote attackers to cause a denial of service (crash) via a request that lacks expected separators, which …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4501
|
2010-01-1 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270749
|
- |
|
zabbix
|
zabbix
|
The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary command…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4502
|
2010-01-1 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270750
|
- |
|
tatsuhiro_tsujikawa
|
aria2
|
Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unkno…
|
NVD-CWE-noinfo
|
CVE-2009-3575
|
2009-12-31 16:04 |
2009-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
