|
267411
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.6.11, 1.12.x before 1.12.2, and 1.13.x before 1.13.3, when Internet Explorer is used and uploads are enabled, or an SVG scripting browse…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5250
|
2009-10-14 14:17 |
2008-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267412
|
- |
|
mediawiki
|
mediawiki
|
Cross-site request forgery (CSRF) vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unsp…
|
CWE-352
Origin Validation Error
|
CVE-2008-5252
|
2009-10-14 14:17 |
2008-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267413
|
- |
|
navision
|
financials_server
|
Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_…
|
NVD-CWE-Other
|
CVE-2007-1273
|
2009-10-14 13:56 |
2007-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267414
|
- |
|
vmware
|
server
|
Unspecified vulnerability in VMware Server before 1.0.4 causes user passwords to be recorded in cleartext in server logs, which might allow local users to gain privileges.
|
NVD-CWE-noinfo
|
CVE-2007-5619
|
2009-10-14 13:00 |
2007-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267415
|
- |
|
apple
|
mac_os_x
|
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with esca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-0970
|
2009-10-14 13:00 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267416
|
- |
|
sips
|
sips
|
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."
|
NVD-CWE-noinfo
|
CVE-2000-1241
|
2009-10-14 13:00 |
2000-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267417
|
- |
|
netgear
|
fm114p
|
NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-1877
|
2009-10-14 13:00 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267418
|
- |
|
persits
hp
|
xupload
loadrunner
|
Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) seque…
|
CWE-22
Path Traversal
|
CVE-2009-3693
|
2009-10-13 19:30 |
2009-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267419
|
- |
|
roshan_shah
|
subdomain_manager
|
Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3350
|
2009-10-12 13:00 |
2009-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267420
|
- |
|
frontrange
|
heat
|
Multiple SQL injection vulnerabilities in the Call Logging feature in FrontRange HEAT 8.01 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
|
CWE-89
SQL Injection
|
CVE-2009-3642
|
2009-10-12 13:00 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
