|
266621
|
- |
|
miranda-im
|
miranda_im
|
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5543
|
2009-03-18 19:30 |
2009-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266622
|
- |
|
futomis_cgi_cafe
|
fulltext_search_cgi
|
Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1.2 allows remote attackers to gain administrative privileges via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0469
|
2009-03-13 14:47 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266623
|
- |
|
agavi
|
agavi
|
Cross-site scripting (XSS) vulnerability in the AgaviWebRouting::gen(null) method in Agavi 0.11 before 0.11.6 and 1.0 before 1.0.0 beta 8 allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0417
|
2009-03-13 14:46 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266624
|
- |
|
graphicsmagick
|
graphicsmagick
|
Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CI…
|
NVD-CWE-noinfo
|
CVE-2008-6072
|
2009-03-13 14:45 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266625
|
- |
|
canon
|
i-sensys
imagepress
imagerunner
imagerunner_2620
imagerunner_5000i
imagerunner_5020
imagerunner_6870
imagerunner_8500
imagerunner_9070
imagerunner_c3200
imagerunner_c322…
|
The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.
|
NVD-CWE-Other
|
CVE-2008-0303
|
2009-03-13 14:31 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266626
|
- |
|
cerberus
webgroupmedia
|
cerberus_helpdesk
|
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the …
|
CWE-287
Improper Authentication
|
CVE-2008-6440
|
2009-03-10 13:00 |
2009-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266627
|
- |
|
scriptsez
|
ez_php_comment
|
Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment allows remote attackers to inject arbitrary web script or HTML via the name parameter. NOTE: the provenance of this information i…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0762
|
2009-03-6 15:50 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266628
|
- |
|
bookelves
|
kipper
|
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NO…
|
CWE-22
Path Traversal
|
CVE-2009-0766
|
2009-03-6 15:50 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266629
|
- |
|
berkeley
|
boinc_client
|
The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_d…
|
CWE-287
Improper Authentication
|
CVE-2009-0126
|
2009-03-6 15:49 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266630
|
- |
|
xchat
|
xchat
|
Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerabil…
|
NVD-CWE-Other
|
CVE-2009-0315
|
2009-03-6 15:49 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
