268061
|
- |
|
gnome
|
nautilus-python
|
Untrusted search path vulnerability in the Python language bindings for Nautilus (nautilus-python) allows local users to execute arbitrary code via a Trojan horse Python file in the current working d…
|
NVD-CWE-Other
|
CVE-2009-0317
|
2009-02-5 15:53 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268062
|
- |
|
asp-dev
|
xm_events_diary
|
SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is…
|
CWE-89
SQL Injection
|
CVE-2008-5924
|
2009-02-5 15:52 |
2009-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268063
|
- |
|
torrenttrader
|
torrenttrader
|
TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying (1) disclaimer.txt, (2) sponsors.txt, and (…
|
NVD-CWE-Other
|
CVE-2007-4536
|
2009-02-5 15:29 |
2007-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268064
|
- |
|
keep_toolkit
|
keep_toolkit
|
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.
|
CWE-89
SQL Injection
|
CVE-2009-0287
|
2009-02-5 14:00 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268065
|
- |
|
codefixer
|
linkspro
|
SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter.
|
CWE-89
SQL Injection
|
CVE-2009-0431
|
2009-02-5 14:00 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268066
|
- |
|
preprojects
|
pre_classified_listings
|
PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6055
|
2009-02-5 00:30 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268067
|
- |
|
google
|
chrome
|
Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and…
|
NVD-CWE-Other
|
CVE-2009-0276
|
2009-02-4 14:00 |
2009-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268068
|
- |
|
monkey
|
trickle
|
Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD…
|
NVD-CWE-Other
|
CVE-2009-0415
|
2009-02-4 14:00 |
2009-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268069
|
- |
|
novell
|
groupwise
|
Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 might allow remote attackers to obtain sensitive information via a crafted URL, related to co…
|
CWE-200
Information Exposure
|
CVE-2009-0274
|
2009-02-4 04:30 |
2009-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268070
|
- |
|
dataspade
|
dataspade
|
Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ViewName, (2) TableName, (3) OrderBy, and (…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6041
|
2009-02-3 20:30 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|