|
260891
|
- |
|
ibm
|
websphere_service_registry_and_repository
|
IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 does not have the intended configuration properties, which allows remote authenticated users to obtain unspecified data access vi…
|
CWE-16
Configuration
|
CVE-2009-2750
|
2017-08-17 10:30 |
2010-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260892
|
- |
|
ibm
|
websphere_commerce
|
IBM WebSphere Commerce 7.0 uses the same cryptographic key for session attributes and merchant data encryption, which has unspecified impact and remote attack vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2009-2751
|
2017-08-17 10:30 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260893
|
- |
|
ibm
|
websphere_commerce
|
IBM WebSphere Commerce 7.0 does not properly encrypt data in a database, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
|
CWE-310
Cryptographic Issues
|
CVE-2009-2752
|
2017-08-17 10:30 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260894
|
- |
|
avira
|
antivir
antivir_security_suite
|
Unquoted Windows search path vulnerability in the scheduler (sched.exe) in Avira AntiVir, AntiVir Premium, Premium Security Suite, and AntiVir Professional might allow local users to gain privileges …
|
NVD-CWE-Other
|
CVE-2009-2761
|
2017-08-17 10:30 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260895
|
- |
|
realtysoft
|
pg_roomate_finder_solution
|
Multiple cross-site scripting (XSS) vulnerabilities in PG Roommate Finder Solution allow remote attackers to inject arbitrary web script or HTML via the part parameter to (1) quick_search.php and (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2772
|
2017-08-17 10:30 |
2009-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260896
|
- |
|
68_classifieds
|
68_classifieds
|
Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to category.php, view parameter to (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2780
|
2017-08-17 10:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260897
|
- |
|
classifiedphpscript
|
php_open_classifieds_script
|
Multiple cross-site scripting (XSS) vulnerabilities in PHP Open Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to buy.php and the id param…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2785
|
2017-08-17 10:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260898
|
- |
|
permis
|
com_groups
|
SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: t…
|
CWE-89
SQL Injection
|
CVE-2009-2789
|
2017-08-17 10:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260899
|
- |
|
softbiz
|
dating_script
|
SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4.
|
CWE-89
SQL Injection
|
CVE-2009-2790
|
2017-08-17 10:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260900
|
- |
|
apple
|
iphone_os
|
The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows loc…
|
CWE-362
Race Condition
|
CVE-2009-2794
|
2017-08-17 10:30 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
