|
266601
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote authenticated users to conduct cross-site scripting (XSS) and related attacks by uploading HTML and …
|
CWE-79
Cross-site Scripting
|
CVE-2009-0481
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266602
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as othe…
|
CWE-352
Origin Validation Error
|
CVE-2009-0482
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266603
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preference…
|
CWE-352
Origin Validation Error
|
CVE-2009-0483
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266604
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag t…
|
CWE-352
Origin Validation Error
|
CVE-2009-0484
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266605
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete unused flag types via a link or …
|
CWE-352
Origin Validation Error
|
CVE-2009-0485
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266606
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers f…
|
CWE-352
Origin Validation Error
|
CVE-2009-0486
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266607
|
- |
|
zipgenius
|
zipgenius
|
Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2005-3317
|
2009-03-25 13:00 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266608
|
- |
|
phpbb
|
phpbb
|
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post i…
|
NVD-CWE-noinfo
|
CVE-2008-6507
|
2009-03-24 13:00 |
2009-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266609
|
- |
|
andrew_freed
|
quotebook
|
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteNa…
|
CWE-89
SQL Injection
|
CVE-2009-0829
|
2009-03-21 14:55 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266610
|
- |
|
andrew_freed
|
quotebook
|
Cross-site scripting (XSS) vulnerability in QuoteBook allows remote attackers to inject arbitrary web script or HTML via the (1) QuoteName and (2) QuoteText parameters to quotesadd.php. NOTE: the pr…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0830
|
2009-03-21 14:55 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
