|
267871
|
- |
|
mitel
|
mitel_nupoint_messenger
|
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2008-6797
|
2009-05-8 13:00 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267872
|
- |
|
phpexplorer
|
phphotogallery
|
Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance…
|
CWE-89
SQL Injection
|
CVE-2008-6802
|
2009-05-8 13:00 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267873
|
- |
|
cisco
|
wrt54gc
|
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2009-1561
|
2009-05-7 13:00 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267874
|
- |
|
beltane
|
beltane
|
Cross-site request forgery (CSRF) vulnerability in Beltane before 2.3.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this…
|
CWE-352
Origin Validation Error
|
CVE-2009-1518
|
2009-05-5 13:00 |
2009-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267875
|
- |
|
abe_timmerman
|
zml.cgi
|
Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
NVD-CWE-Other
|
CVE-2001-1209
|
2009-04-30 13:08 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267876
|
- |
|
gecad
|
axigen_mail_server
|
Cross-site scripting (XSS) vulnerability in the web mail interface feature in AXIGEN Mail Server 6.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1484
|
2009-04-30 03:30 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267877
|
- |
|
apache
|
tiles
|
Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cro…
|
NVD-CWE-Other
|
CVE-2009-1275
|
2009-04-29 14:29 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267878
|
- |
|
mpg123
|
mpg123
|
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execut…
|
CWE-189
Numeric Errors
|
CVE-2009-1301
|
2009-04-29 14:29 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267879
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field i…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0664
|
2009-04-29 14:28 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267880
|
- |
|
hp
|
storage_essentials
|
Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-0715
|
2009-04-29 14:28 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
