271101
|
- |
|
twiki
|
twiki
|
Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH{}% variable.
|
CWE-94
Code Injection
|
CVE-2008-5305
|
2009-03-3 16:00 |
2008-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271102
|
- |
|
weber-ebusiness
|
wes_facilities
|
SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-6338
|
2009-03-2 14:00 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271103
|
- |
|
mathieu_vidal
|
mv_vox_populi
|
Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_populi) extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6340
|
2009-03-2 14:00 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271104
|
- |
|
typo3
|
sb_universal_plugin
|
Cross-site scripting (XSS) vulnerability in the SB Universal Plugin (SBuniplug) extension 2.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6341
|
2009-03-2 14:00 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271105
|
- |
|
lobacher_patrick
|
simplefilebrowser
|
Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.
|
NVD-CWE-noinfo CWE-200
Information Exposure
|
CVE-2008-6342
|
2009-03-2 14:00 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271106
|
- |
|
typo3
|
tu-clausthal_odin
|
Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc_odin) extension 0.0.1, 0.1.0, 0.1.1, and 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6343
|
2009-03-2 14:00 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271107
|
- |
|
typo3
|
tu-clausthal_staff
|
SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) 0.3.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-6344
|
2009-03-2 14:00 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271108
|
- |
|
dennis_royer
|
dr_wiki
|
Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6346
|
2009-03-2 14:00 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271109
|
- |
|
cisco
|
application_control_engine_module
|
Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.1) uses default (1) usernames and (2) passwords for (a) the administrator and (b) web management, w…
|
CWE-255
Credentials Management
|
CVE-2009-0620
|
2009-02-27 14:00 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271110
|
- |
|
cisco
|
ace_4710
|
Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it…
|
CWE-16
Configuration
|
CVE-2009-0621
|
2009-02-27 14:00 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|