268261
|
- |
|
gnome
|
eog
|
Untrusted search path vulnerability in the Python interface in Eye of GNOME (eog) 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in t…
|
NVD-CWE-Other
|
CVE-2008-5987
|
2009-04-16 14:35 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268262
|
- |
|
graphicsmagick
|
graphicsmagick
|
Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained …
|
NVD-CWE-noinfo
|
CVE-2008-6621
|
2009-04-14 14:41 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268263
|
- |
|
alstrasoft
|
askme_pro
|
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to…
|
NVD-CWE-Other
|
CVE-2007-4085
|
2009-04-14 14:18 |
2007-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268264
|
- |
|
ibm
|
lotus_domino
|
The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 and 8.5 before IF3 allows remote attackers to cause a denial of service (daemon crash) via a MIME e-mail message with RFC822 attac…
|
NVD-CWE-Other
|
CVE-2009-1286
|
2009-04-14 13:00 |
2009-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268265
|
- |
|
virtual_programming
|
vp-asp
|
SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields.
|
NVD-CWE-Other
|
CVE-2002-1919
|
2009-04-11 13:14 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268266
|
- |
|
glfusion
|
glfusion
|
Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-1281
|
2009-04-10 13:00 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268267
|
- |
|
stanislas_rolland
|
sr_feuser_register
|
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1264
|
2009-04-8 13:00 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268268
|
- |
|
drupal
|
feedapi_mapper
|
Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1249
|
2009-04-7 13:00 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268269
|
- |
|
phpcredo
|
phcdownload
|
SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknow…
|
CWE-89
SQL Injection
|
CVE-2008-6596
|
2009-04-6 13:00 |
2009-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268270
|
- |
|
phpcredo
|
phcdownload
|
Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6597
|
2009-04-6 13:00 |
2009-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|