|
274941
|
- |
|
andreas_schwarzkopf
|
accessibility_glossary
|
A fix for this vulnerability was included in 0.4.11. The latest release can be downloaded at:
http://typo3.org/extensions/repository/view/a21glossary/current/
|
CWE-89
SQL Injection
|
CVE-2009-4803
|
2010-05-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274942
|
- |
|
sun
|
opensolaris
|
The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain.
|
CWE-16
Configuration
|
CVE-2010-0559
|
2010-05-25 14:51 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274943
|
- |
|
zabbix
|
zabbix
|
The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request.
|
CWE-78
OS Command
|
CVE-2009-4498
|
2010-05-25 14:49 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274944
|
- |
|
sun
|
java_system_access_manager
|
Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2268
|
2010-05-25 14:45 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274945
|
- |
|
sun
|
java_system_access_manager
|
Per: http://secunia.com/advisories/35651
"NOTE: This only affects Sun Java System Access Manager if Cross-Domain Single Sign-On (CDSSO) functionality is enabled."
|
CWE-79
Cross-site Scripting
|
CVE-2009-2268
|
2010-05-25 14:45 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274946
|
- |
|
info-zip
|
unzip
|
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.
|
NVD-CWE-Other
|
CVE-2001-1268
|
2010-05-25 13:10 |
2001-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274947
|
- |
|
info-zip
|
unzip
|
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.
|
NVD-CWE-Other
|
CVE-2001-1269
|
2010-05-25 13:10 |
2001-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274948
|
- |
|
xfree86_project
|
xfree86_x_server
|
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
|
NVD-CWE-Other
|
CVE-2001-1409
|
2010-05-25 13:10 |
2003-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274949
|
- |
|
sebrac.webcindario
|
migascms
|
SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo act…
|
CWE-89
SQL Injection
|
CVE-2010-2012
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274950
|
- |
|
createch-group
|
lisk_cms
|
Cross-site scripting (XSS) vulnerability in cp/list_content.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the cl or possibly id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2014
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
