267181
|
- |
|
webtrends
|
reporting_center
|
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an…
|
CWE-200
Information Exposure
|
CVE-2002-0596
|
2010-01-16 14:00 |
2002-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267182
|
- |
|
fedoraproject
|
sssd
|
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary pass…
|
CWE-287
Improper Authentication
|
CVE-2010-0014
|
2010-01-15 14:00 |
2010-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267183
|
- |
|
sap
|
sap_kernel
|
Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers…
|
NVD-CWE-noinfo
|
CVE-2009-4603
|
2010-01-13 22:33 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267184
|
- |
|
zeeways
|
zeejobsite
|
Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via the title parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4601
|
2010-01-13 22:15 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267185
|
- |
|
phpwares
|
php_inventory
|
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the sup_id parameter in a suppliers details action. NOTE: the pr…
|
CWE-89
SQL Injection
|
CVE-2009-4595
|
2010-01-13 14:00 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267186
|
- |
|
drupal
|
randomizer
|
Cross-site scripting (XSS) vulnerability in the Randomizer module 5.x through 5.x-1.0 and 6.x through 6.x-1.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4602
|
2010-01-13 14:00 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267187
|
- |
|
zabbix
|
zabbix
|
The process_trap function in trapper/trapper.c in Zabbix Server before 1.6.6 allows remote attackers to cause a denial of service (crash) via a crafted request with data that lacks an expected : (col…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4500
|
2010-01-12 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267188
|
- |
|
sun
|
java_system_web_server
|
Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to execute arbitrary code by sending a process memory address and crafted data to TCP port 80, as…
|
NVD-CWE-noinfo
|
CVE-2010-0273
|
2010-01-11 22:37 |
2010-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267189
|
- |
|
adobe
|
illustrator
|
Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and Illustrator CS4 14.0.0 allows attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3952
|
2010-01-11 21:25 |
2010-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267190
|
- |
|
astha_bhatnagar
|
shindigintegrator
|
Cross-site scripting (XSS) vulnerability in the OpenSocial Shindig-Integrator module 5.x and 6.x before 6.x-2.1, a module for Drupal, allows remote authenticated users, with "create application" priv…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4514
|
2010-01-11 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|