270481
|
- |
|
tftgallery
|
tftgallery
|
Cross-site scripting (XSS) vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3833
|
2009-11-3 00:30 |
2009-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270482
|
- |
|
systemtap
|
systemtap
|
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operatio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2911
|
2009-10-31 15:22 |
2009-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270483
|
- |
|
craig_barratt
|
backuppc
|
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3369
|
2009-10-31 15:22 |
2009-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270484
|
- |
|
dec
|
dec_openvms
|
Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges.
|
NVD-CWE-Other
|
CVE-1999-1395
|
2009-10-31 13:02 |
1992-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270485
|
- |
|
mutt
|
mutt
|
mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows ma…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3765
|
2009-10-29 13:00 |
2009-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270486
|
- |
|
ibm
|
lotus_connections
|
Multiple cross-site scripting (XSS) vulnerabilities in Activities pages in the Mobile subsystem in IBM Lotus Connections 2.5.0.0 allow remote attackers to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3816
|
2009-10-28 19:30 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270487
|
- |
|
ordasoft
|
com_booklibrary
|
PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary (com_booklibrary) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mo…
|
CWE-94
Code Injection
|
CVE-2009-3817
|
2009-10-28 19:30 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270488
|
- |
|
stanislas_rolland
|
sr_freecap
|
Unspecified vulnerability in the session handling feature in freeCap CAPTCHA (sr_freecap) extension 1.2.0 and earlier for TYPO3 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3818
|
2009-10-28 19:30 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270489
|
- |
|
fijiwebdesign
|
com_ajaxchat
|
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_…
|
CWE-94
Code Injection
|
CVE-2009-3822
|
2009-10-28 19:30 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270490
|
- |
|
opendocman
|
opendocman
|
SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmpass (aka Password) parameter. NOTE: the provenance of this informat…
|
CWE-89
SQL Injection
|
CVE-2009-3801
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|