|
268201
|
- |
|
scriptlerim
|
radio_isetek_scripti
|
RADIO istek scripti 2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user credentials via a direct request for estafresgaf…
|
CWE-255
Credentials Management
|
CVE-2009-4096
|
2009-12-2 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268202
|
- |
|
robo-ftp
|
robo-ftp
|
Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, allows remote FTP servers to cause a denial of service and possibly execute arbitrary code via unspecified FTP server responses. NOTE…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4103
|
2009-11-30 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268203
|
- |
|
dotnetnuke
|
dotnetnuke
|
The install wizard in DotNetNuke 4.0 through 5.1.4 does not prevent anonymous users from accessing functionality related to determination of the need for an upgrade, which allows remote attackers to …
|
CWE-200
Information Exposure
|
CVE-2009-4109
|
2009-11-30 14:00 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268204
|
- |
|
gforge
|
gforge
|
Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3303
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268205
|
- |
|
gforge
|
gforge
|
Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, 4.7.3, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4069
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268206
|
- |
|
gforge
|
gforge
|
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4070
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268207
|
- |
|
hp
|
openview_network_node_manager
|
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Er…
|
NVD-CWE-Other
|
CVE-2009-3840
|
2009-11-24 16:04 |
2009-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268208
|
- |
|
hp
|
discovery\&dependency_mapping_inventory
|
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3841
|
2009-11-24 16:04 |
2009-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268209
|
- |
|
christos_zoulas
|
file
|
Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buff…
|
CWE-189
Numeric Errors
|
CVE-2009-3930
|
2009-11-24 16:04 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268210
|
- |
|
jos_de_ruijter
|
superseriousstats
|
SQL injection vulnerability in user.php in Super Serious Stats (aka superseriousstats) before 1.1.2p1 allows remote attackers to execute arbitrary SQL commands via the uid parameter, related to an "i…
|
CWE-89
SQL Injection
|
CVE-2009-3961
|
2009-11-24 16:04 |
2009-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
