|
267771
|
- |
|
microsoft
|
windows_2003_server
windows_vista
|
win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possib…
|
CWE-362
Race Condition
|
CVE-2008-6819
|
2009-06-29 13:00 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267772
|
- |
|
peter_wolanin
|
openid
|
Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6835
|
2009-06-29 13:00 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267773
|
- |
|
peter_wolanin
|
openid
|
Cross-site request forgery (CSRF) vulnerability in OpenID 5.x before 5x.-1.2, a module for Drupal, allows remote attackers to hijack the authentication of unspecified victims to delete OpenID identit…
|
CWE-352
Origin Validation Error
|
CVE-2008-6836
|
2009-06-29 13:00 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267774
|
- |
|
foxitsoftware
|
jpeg2000_jbig2_decoder_add-on
foxit_reader
|
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 (aka JPX) header, which allows …
|
CWE-399
Resource Management Errors
|
CVE-2009-0691
|
2009-06-26 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267775
|
- |
|
serendipitynz
|
serene_bach
|
SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions …
|
NVD-CWE-Other
|
CVE-2009-2165
|
2009-06-26 13:00 |
2009-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267776
|
- |
|
urdland
|
urd
|
Multiple cross-site scripting (XSS) vulnerabilities in URD before 0.6.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the fatal_error page and unspecified other…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2215
|
2009-06-26 13:00 |
2009-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267777
|
- |
|
wowbb
|
wowbb_web_forum
|
Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id pa…
|
NVD-CWE-Other
|
CVE-2004-2181
|
2009-06-25 13:25 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267778
|
- |
|
openssl
|
openssl
|
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-mid…
|
CWE-287
Improper Authentication
|
CVE-2009-0653
|
2009-06-25 13:00 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267779
|
- |
|
4homepages
|
4images
|
Directory traversal vulnerability in global.php in 4images before 1.7.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversa…
|
CWE-22
Path Traversal
|
CVE-2009-2132
|
2009-06-25 13:00 |
2009-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267780
|
- |
|
sugarcrm
|
sugarcrm
|
Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary c…
|
NVD-CWE-Other
|
CVE-2009-2146
|
2009-06-25 13:00 |
2009-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
