|
271221
|
- |
|
fotoware
|
fotoweb
|
Multiple cross-site scripting (XSS) vulnerabilities in FotoWeb 6.0 (Build 273) allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to cmdrequest/Login.fwx and the (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0573
|
2009-02-16 14:00 |
2009-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271222
|
- |
|
fail2ban
|
fail2ban
|
filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved D…
|
CWE-287
Improper Authentication
|
CVE-2009-0362
|
2009-02-13 14:00 |
2009-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271223
|
- |
|
modernmethod
|
sajax
|
Cross-site scripting (XSS) vulnerability in the sajax_get_common_js function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0525
|
2009-02-12 14:00 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271224
|
- |
|
semanticscuttle
|
semanticscuttle
|
Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php.
|
NVD-CWE-noinfo
|
CVE-2008-6110
|
2009-02-11 14:00 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271225
|
- |
|
ibm
|
db2
|
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.
|
CWE-287
Improper Authentication
|
CVE-2007-1228
|
2009-02-11 14:00 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271226
|
- |
|
freedesktop
|
xdg-utils
|
Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-ope…
|
CWE-94
Code Injection
|
CVE-2009-0068
|
2009-02-10 15:59 |
2009-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271227
|
- |
|
xrdp
|
xrdp
|
Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5902
|
2009-02-10 15:59 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271228
|
- |
|
mantis
|
mantis
|
core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue…
|
CWE-200
Information Exposure
|
CVE-2008-4688
|
2009-02-10 15:56 |
2008-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271229
|
- |
|
sentex
|
jhead
|
Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4575
|
2009-02-10 15:55 |
2008-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271230
|
- |
|
onlinegrades
|
online_grades
|
Multiple SQL injection vulnerabilities in admin/admin_login.php in Online Grades 3.2.4 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pword parameter. NOTE: the pr…
|
CWE-89
SQL Injection
|
CVE-2009-0479
|
2009-02-9 14:00 |
2009-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
