|
276721
|
- |
|
cisco
|
ciscoworks_common_services
ciscoworks_health_and_utilization_monitor
ciscoworks_lan_management_solution
ciscoworks_qos_policy_manager
ciscoworks_voice_manager
security_manager
telep…
|
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresen…
|
CWE-22
Path Traversal
|
CVE-2009-1161
|
2009-06-9 14:33 |
2009-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276722
|
- |
|
proftpd
|
proftpd
|
ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) …
|
CWE-89
SQL Injection
|
CVE-2009-0543
|
2009-06-9 14:32 |
2009-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276723
|
- |
|
redhat
|
certificate_system
dogtag_certificate_system
|
agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHCS) 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate reque…
|
NVD-CWE-noinfo
|
CVE-2009-0588
|
2009-06-9 14:32 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276724
|
- |
|
znc
|
znc
|
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit m…
|
CWE-94
Code Injection
|
CVE-2009-0759
|
2009-06-9 14:32 |
2009-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276725
|
- |
|
dokeos
|
dokeos
|
Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items vi…
|
CWE-352
Origin Validation Error
|
CVE-2009-2005
|
2009-06-9 13:00 |
2009-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276726
|
- |
|
drupal
|
drupal
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 allow (1) remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte se…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1844
|
2009-06-8 14:27 |
2009-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276727
|
- |
|
drupal
|
quiz
|
Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or qui…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1942
|
2009-06-8 13:00 |
2009-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276728
|
- |
|
ibm
|
websphere_application_server
|
Multiple cross-site scripting (XSS) vulnerabilities in sample applications in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, and 6.1 before 6.1.0.23 on z/OS, allow remote attackers to …
|
CWE-79
Cross-site Scripting
|
CVE-2009-0856
|
2009-06-5 13:00 |
2009-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276729
|
- |
|
openskip
|
skip
|
Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-1908
|
2009-06-5 13:00 |
2009-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276730
|
- |
|
openskip
|
skip
|
SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-1909
|
2009-06-5 13:00 |
2009-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
