270661
|
- |
|
htmldoc
|
htmldoc
|
Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3050
|
2009-09-10 13:00 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270662
|
- |
|
oxidforge
|
oxid_eshop oxid_eshop4.0.0.2_14967
|
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted…
|
NVD-CWE-noinfo
|
CVE-2009-3112
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270663
|
- |
|
oxid
|
eshop
|
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parame…
|
NVD-CWE-noinfo
|
CVE-2009-3113
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270664
|
- |
|
danneo
|
cms
|
SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunct…
|
CWE-89
SQL Injection
|
CVE-2009-3118
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270665
|
- |
|
x-iweb.ru
|
download_system_msf
|
SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the view_id parameter.
|
CWE-89
SQL Injection
|
CVE-2009-3119
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270666
|
- |
|
bigace
|
bigace
|
Cross-site scripting (XSS) vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details ar…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3120
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270667
|
- |
|
ipmotor
|
quarkmail
|
Directory traversal vulnerability in get_message.cgi in QuarkMail allows remote attackers to read arbitrary files via a .. (dot dot) in the tf parameter.
|
CWE-22
Path Traversal
|
CVE-2009-3124
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270668
|
- |
|
bastian_blumentritt
|
local_media_browser
|
Multiple unspecified vulnerabilities in Local Media Browser before 0.1 have unknown impact and attack vectors related to "Security holes."
|
NVD-CWE-noinfo
|
CVE-2008-7189
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270669
|
- |
|
adium
|
adium
|
Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS).
|
NVD-CWE-noinfo
|
CVE-2008-7190
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270670
|
- |
|
pps.jussieu
|
polipo
|
Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service (crash) via a long request URL.
|
NVD-CWE-noinfo
|
CVE-2008-7191
|
2009-09-10 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|