|
266511
|
- |
|
mybb
|
mybb
|
Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB 1.2.11 and earlier allow remote attackers to (1) hijack the authentication of moderators or administrators for requests that delete …
|
CWE-352
Origin Validation Error
|
CVE-2008-0788
|
2009-08-20 13:00 |
2008-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266512
|
- |
|
ibm
|
tklm
|
Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) 1.0 has unknown impact and attack vectors, related to a "password security vulnerability."
|
NVD-CWE-noinfo
|
CVE-2009-2667
|
2009-08-19 14:29 |
2009-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266513
|
- |
|
apple
|
safari
|
Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6, and Windows XP and Vista, allow remote attackers to execute arbitrary JavaScript in the local security zone vi…
|
CWE-20
Improper Input Validation
|
CVE-2009-0137
|
2009-08-19 14:25 |
2009-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266514
|
- |
|
dotnetnuke
|
dotnetnuke
|
Unrestricted file upload vulnerability in the file manager module in DotNetNuke before 4.8.2 allows remote administrators to upload arbitrary files and gain privileges to the server via unspecified v…
|
CWE-20
Improper Input Validation
|
CVE-2008-6541
|
2009-08-19 14:24 |
2009-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266515
|
- |
|
thomas_waggershauser
|
air_filemanager
|
Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2008-6685
|
2009-08-19 14:24 |
2009-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266516
|
- |
|
sophos
|
anti-virus
anti-virus7.6.3
|
Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Vi…
|
CWE-399
Resource Management Errors
|
CVE-2008-6903
|
2009-08-19 14:24 |
2009-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266517
|
- |
|
ezphotogallery
|
ezphotogallery
|
SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance o…
|
CWE-89
SQL Injection
|
CVE-2008-6990
|
2009-08-19 14:24 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266518
|
- |
|
php
|
php
|
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outsi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7002
|
2009-08-19 14:24 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266519
|
- |
|
fr.simon_rundell
|
pd_churchsearch
|
SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers…
|
CWE-89
SQL Injection
|
CVE-2008-6463
|
2009-08-19 14:23 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266520
|
- |
|
apache
|
struts
|
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI …
|
CWE-22
Path Traversal
|
CVE-2008-6505
|
2009-08-19 14:23 |
2009-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
