|
267511
|
- |
|
almondsoft
|
affiliate_network_classifieds
almond_classifieds
|
Cross-site scripting (XSS) vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3227
|
2009-09-17 13:00 |
2009-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267512
|
- |
|
lantronix
|
mss485-t
|
Lantronix MSS485-T allows remote attackers to cause a denial of service (unstable performance and service loss) via certain vulnerability scans, as demonstrated using (1) Nessus and (2) nmap.
|
CWE-399
Resource Management Errors
|
CVE-2008-7201
|
2009-09-17 13:00 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267513
|
- |
|
mozilla
|
firefox
|
Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X 10.4.11 and 10.5.8, allows remote attackers to cause a denial of service (applicati…
|
CWE-189
Numeric Errors
|
CVE-2009-2468
|
2009-09-16 14:32 |
2009-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267514
|
- |
|
php
|
php
|
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with rela…
|
CWE-20
Improper Input Validation
|
CVE-2009-1272
|
2009-09-16 14:30 |
2009-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267515
|
- |
|
clamav
|
clamav
|
The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding.
|
CWE-20
Improper Input Validation
|
CVE-2009-1371
|
2009-09-16 14:30 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267516
|
- |
|
clamav
|
clamav
|
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1372
|
2009-09-16 14:30 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267517
|
- |
|
stanford
|
webauth
|
weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to …
|
CWE-255
Credentials Management
|
CVE-2009-2945
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267518
|
- |
|
mozilla
|
bugzilla
|
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
|
CWE-89
SQL Injection
|
CVE-2009-3125
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267519
|
- |
|
mozilla
|
bugzilla
|
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL comma…
|
CWE-89
SQL Injection
|
CVE-2009-3165
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267520
|
- |
|
videogirls
|
videogirls_biz
|
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3186
|
2009-09-16 13:00 |
2009-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
