|
266711
|
- |
|
dotnetnuke
|
dotnetnuke
|
Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional roles to their user account" via unknown attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6399
|
2009-03-6 14:00 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266712
|
- |
|
mihai_bazon
|
pical
|
Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2009-0805
|
2009-03-5 14:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266713
|
- |
|
opengoo
|
opengoo
|
Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their own permissions via unknown attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0806
|
2009-03-5 14:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266714
|
- |
|
php.brickhost
|
phpscheduleit
|
Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to execute arbitrary code via (1) the end_date parameter to reserve.php and (2) the start_date and end_da…
|
CWE-94
Code Injection
|
CVE-2009-0820
|
2009-03-5 14:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266715
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.p…
|
CWE-399
Resource Management Errors
|
CVE-2009-0821
|
2009-03-5 14:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266716
|
- |
|
ibm
|
aix
|
Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0779
|
2009-03-4 20:30 |
2009-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266717
|
- |
|
sixapart
|
movable_type
|
Unspecified vulnerability in Movable Type Pro and Community Solution 4.x before 4.24 has unknown impact and attack vectors, possibly related to the password recovery mechanism.
|
NVD-CWE-noinfo
|
CVE-2009-0752
|
2009-03-4 14:00 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266718
|
- |
|
cisco
|
application_control_engine_device_manager
application_networking_manager
|
Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read…
|
CWE-22
Path Traversal
|
CVE-2009-0615
|
2009-03-3 16:04 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266719
|
- |
|
cisco
|
application_networking_manager
|
Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via conf…
|
CWE-255
Credentials Management
|
CVE-2009-0616
|
2009-03-3 16:04 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266720
|
- |
|
cisco
|
application_networking_manager
|
Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system fi…
|
CWE-255
Credentials Management
|
CVE-2009-0617
|
2009-03-3 16:04 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
