|
267761
|
- |
|
samhain_labs
|
samhain
|
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication …
|
CWE-20
Improper Input Validation
|
CVE-2009-4810
|
2010-04-27 01:17 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267762
|
- |
|
palosanto
|
elastix
|
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this in…
|
CWE-22
Path Traversal
|
CVE-2010-1492
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267763
|
- |
|
joachim_ruhs
|
flat_manager
|
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4802
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267764
|
- |
|
phpmyfaq
|
phpmyfaq
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action,…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4780
|
2010-04-24 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267765
|
- |
|
ijoomla
|
com_news_portal
|
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramet…
|
CWE-22
Path Traversal
|
CVE-2010-1312
|
2010-04-22 14:42 |
2010-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267766
|
- |
|
vmware
|
movie_decoder
workstation
player
server
|
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 24645…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1564
|
2010-04-22 14:33 |
2010-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267767
|
- |
|
vmware
|
movie_decoder
workstation
player
server
|
vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1565
|
2010-04-22 14:33 |
2010-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267768
|
- |
|
rim
|
blackberry_enterprise_server
blackberry_professional_software
|
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, an…
|
NVD-CWE-noinfo
|
CVE-2009-4778
|
2010-04-22 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267769
|
- |
|
rim
|
blackberry_enterprise_server
blackberry_professional_software
|
Per: http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB19860
'These vulnerabilities could enable a malicious individual to send an email message containing a specially…
|
NVD-CWE-noinfo
|
CVE-2009-4778
|
2010-04-22 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267770
|
- |
|
pligg
|
pligg_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Pligg before 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to (1) admin/admin_config.php, (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4786
|
2010-04-22 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
