|
266421
|
- |
|
wowbb
|
wowbb_web_forum
|
Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id pa…
|
NVD-CWE-Other
|
CVE-2004-2181
|
2009-06-25 13:25 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266422
|
- |
|
openssl
|
openssl
|
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-mid…
|
CWE-287
Improper Authentication
|
CVE-2009-0653
|
2009-06-25 13:00 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266423
|
- |
|
4homepages
|
4images
|
Directory traversal vulnerability in global.php in 4images before 1.7.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversa…
|
CWE-22
Path Traversal
|
CVE-2009-2132
|
2009-06-25 13:00 |
2009-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266424
|
- |
|
sugarcrm
|
sugarcrm
|
Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary c…
|
NVD-CWE-Other
|
CVE-2009-2146
|
2009-06-25 13:00 |
2009-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266425
|
- |
|
sun
|
opensolaris
solaris
|
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memor…
|
CWE-399
Resource Management Errors
|
CVE-2009-2187
|
2009-06-25 13:00 |
2009-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266426
|
- |
|
gupnp
|
gupnp
|
GUPnP 0.12.7 allows remote attackers to cause a denial of service (crash) via an empty (1) subscription or (2) control message.
|
NVD-CWE-Other
|
CVE-2009-2174
|
2009-06-25 03:52 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266427
|
- |
|
irfanview
|
irfanview
|
Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-ba…
|
CWE-94
Code Injection
|
CVE-2009-2118
|
2009-06-24 14:34 |
2009-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266428
|
- |
|
foxitsoftware
|
foxit_reader
jpeg2000\/jbig2_decoder_add-on
|
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, whic…
|
CWE-189
Numeric Errors
|
CVE-2009-0690
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266429
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2170
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266430
|
- |
|
mahara
|
mahara
|
Mahara 1.1 before 1.1.5 does not apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2171
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
