268301
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag t…
|
CWE-352
Origin Validation Error
|
CVE-2009-0484
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268302
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete unused flag types via a link or …
|
CWE-352
Origin Validation Error
|
CVE-2009-0485
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268303
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers f…
|
CWE-352
Origin Validation Error
|
CVE-2009-0486
|
2009-03-25 14:50 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268304
|
- |
|
zipgenius
|
zipgenius
|
Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2005-3317
|
2009-03-25 13:00 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268305
|
- |
|
phpbb
|
phpbb
|
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post i…
|
NVD-CWE-noinfo
|
CVE-2008-6507
|
2009-03-24 13:00 |
2009-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268306
|
- |
|
andrew_freed
|
quotebook
|
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteNa…
|
CWE-89
SQL Injection
|
CVE-2009-0829
|
2009-03-21 14:55 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268307
|
- |
|
andrew_freed
|
quotebook
|
Cross-site scripting (XSS) vulnerability in QuoteBook allows remote attackers to inject arbitrary web script or HTML via the (1) QuoteName and (2) QuoteText parameters to quotesadd.php. NOTE: the pr…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0830
|
2009-03-21 14:55 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268308
|
- |
|
tangocms
|
tangocms
|
Cross-site scripting (XSS) vulnerability in the hook_cntrlr_error_output function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x (aka Eagle) before 2.2.4 allows remote…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0862
|
2009-03-21 14:55 |
2009-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268309
|
- |
|
wesnoth
|
wesnoth
|
The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document.
|
CWE-399
Resource Management Errors
|
CVE-2009-0366
|
2009-03-21 14:54 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268310
|
- |
|
hp
|
wmi_mapper
|
Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows local users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-0712
|
2009-03-21 14:54 |
2009-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|