268251
|
- |
|
horde
|
application_framework
|
Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5917
|
2009-04-18 14:44 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268252
|
- |
|
apache
|
struts
|
Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, …
|
CWE-79
Cross-site Scripting
|
CVE-2008-2025
|
2009-04-18 14:35 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268253
|
- |
|
zazzle
|
store_builder
|
Multiple cross-site scripting (XSS) vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) gridPage and (2) grid…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1320
|
2009-04-17 23:08 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268254
|
- |
|
debian
|
horde_imp
|
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0930
|
2009-04-16 14:38 |
2009-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268255
|
- |
|
phpmyadmin
|
phpmyadmin
|
Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to read arbitrary files via directory traversal sequen…
|
CWE-22
Path Traversal
|
CVE-2009-1148
|
2009-04-16 14:38 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268256
|
- |
|
phpmyadmin
|
phpmyadmin
|
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response …
|
CWE-20
Improper Input Validation
|
CVE-2009-1149
|
2009-04-16 14:38 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268257
|
- |
|
ibm
|
db2_content_manager
|
Unspecified vulnerability in the eClient in IBM DB2 Content Manager 8.4.1 before 8.4.1.1 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-1231
|
2009-04-16 14:38 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268258
|
- |
|
james_stone
|
tunapie
|
James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file.
|
CWE-59
Link Following
|
CVE-2009-1253
|
2009-04-16 14:38 |
2009-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268259
|
- |
|
james_stone
|
tunapie
|
James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL.
|
CWE-20
Improper Input Validation
|
CVE-2009-1254
|
2009-04-16 14:38 |
2009-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268260
|
- |
|
gnome
|
gnumeric
|
Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory,…
|
NVD-CWE-Other
|
CVE-2009-0318
|
2009-04-16 14:37 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|