266381
|
- |
|
clamav
|
clamav
|
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1372
|
2009-09-16 14:30 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266382
|
- |
|
stanford
|
webauth
|
weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to …
|
CWE-255
Credentials Management
|
CVE-2009-2945
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266383
|
- |
|
mozilla
|
bugzilla
|
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
|
CWE-89
SQL Injection
|
CVE-2009-3125
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266384
|
- |
|
mozilla
|
bugzilla
|
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL comma…
|
CWE-89
SQL Injection
|
CVE-2009-3165
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266385
|
- |
|
videogirls
|
videogirls_biz
|
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3186
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266386
|
- |
|
standalonearcade
|
saa
|
Cross-site scripting (XSS) vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3187
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266387
|
- |
|
digioz
|
digioz_guestbook
|
Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3189
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266388
|
- |
|
jce-tech
|
searchfeed_script
|
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3194
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266389
|
- |
|
jce-tech
|
auction_rss_content_script
|
Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3195
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266390
|
- |
|
jce-tech
|
php_video_script
|
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3196
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|