267731
|
- |
|
runcms
|
runcms
|
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id…
|
CWE-89
SQL Injection
|
CVE-2009-3813
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267732
|
- |
|
runcms
|
runcms
|
Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/syste…
|
CWE-94
Code Injection
|
CVE-2009-3814
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267733
|
- |
|
runcms
|
runcms
|
RunCMS 2M1, when running with certain error_reporting levels, allows remote attackers to obtain sensitive information via (1) the op[] parameter to modules/contact/index.php or (2) uid[] parameter to…
|
CWE-200
Information Exposure
|
CVE-2009-3815
|
2009-10-28 13:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267734
|
- |
|
ibm
|
rational_requisitepro
|
Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help feature (aka the Web Client Help system) in IBM Rational RequisitePro 7.1.0 allow remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3730
|
2009-10-27 14:28 |
2009-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267735
|
- |
|
mysql-ocaml
|
mysql-ocaml
|
The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character en…
|
NVD-CWE-noinfo
|
CVE-2009-2942
|
2009-10-27 14:27 |
2009-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267736
|
- |
|
sjoerd_arendsen
|
simplenews_statistics
|
Open redirect vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspeci…
|
CWE-352
Origin Validation Error
|
CVE-2009-3784
|
2009-10-27 13:00 |
2009-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267737
|
- |
|
ocaml
|
postgresql-ocaml
|
The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues inv…
|
NVD-CWE-noinfo
|
CVE-2009-2943
|
2009-10-23 13:00 |
2009-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267738
|
- |
|
gallium.inria
|
camimages
|
Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buff…
|
CWE-189
Numeric Errors
|
CVE-2009-3296
|
2009-10-21 13:00 |
2009-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267739
|
- |
|
vmware
|
fusion
|
Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors.
|
CWE-189
Numeric Errors
|
CVE-2009-3282
|
2009-10-20 13:00 |
2009-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267740
|
- |
|
vmware
|
fusion
|
Per: http://lists.vmware.com/pipermail/security-announce/2009/000066.html
Solution
Please review the patch/release notes for your product and version
and verify the md5sum and/or the sh…
|
CWE-189
Numeric Errors
|
CVE-2009-3282
|
2009-10-20 13:00 |
2009-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|