|
266481
|
- |
|
benjamin_curtis
|
phpbugtracker
|
SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this infor…
|
CWE-89
SQL Injection
|
CVE-2009-1851
|
2009-06-2 13:00 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266482
|
- |
|
sun
|
iplanet_web_server
one_web_server
|
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cr…
|
CWE-16
Configuration
|
CVE-2004-2763
|
2009-06-2 13:00 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266483
|
- |
|
sun
|
jmf
|
Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstr…
|
NVD-CWE-noinfo
|
CVE-2003-1572
|
2009-06-2 13:00 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266484
|
- |
|
nlnetlabs
|
nsd
|
Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) an…
|
CWE-189
Numeric Errors
|
CVE-2009-1755
|
2009-05-29 13:00 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266485
|
- |
|
chinagames
|
igame
|
Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argumen…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1800
|
2009-05-28 23:30 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266486
|
- |
|
activecollab
|
activecollab
|
activeCollab 2.1 Corporate allows remote attackers to obtain sensitive information via an invalid re_route parameter to the login script, which reveals the installation path in an error message.
|
CWE-20
Improper Input Validation
|
CVE-2009-1773
|
2009-05-24 13:00 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266487
|
- |
|
ulteo
|
open_virtual_desktop
|
Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop 1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter to header.php. NOTE: the provenance …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1785
|
2009-05-24 13:00 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266488
|
- |
|
cisco
|
wvc54gca
|
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to o…
|
CWE-200
Information Exposure
|
CVE-2009-1555
|
2009-05-23 14:31 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266489
|
- |
|
cisco
|
wvc54gca
|
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the next_file pa…
|
CWE-200
Information Exposure
|
CVE-2009-1556
|
2009-05-23 14:31 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266490
|
- |
|
cgi_rescue
|
cgi_web_mailer
|
CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1591
|
2009-05-23 14:31 |
2009-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
