|
256671
|
- |
|
w3
|
amaya
|
Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1209
|
2017-09-29 10:34 |
2009-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256672
|
- |
|
scivox
|
vsp_stats_processor
|
SQL injection vulnerability in vsp-core/pub/themes/bismarck/gamestat.php in vsp stats processor 0.45 allows remote attackers to execute arbitrary SQL commands via the gameID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-1224
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256673
|
- |
|
podcast_generator
|
podcast_generator
|
core/admin/delete.php in Podcast Generator 1.1 and earlier does not properly restrict access to administrative functions, which allows remote attackers to delete arbitrary files via the file paramete…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1226
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256674
|
- |
|
arcadwy
|
arcadwy_arcade_script_cms
|
Cross-site scripting (XSS) vulnerability in register.php in Arcadwy Arcade Script CMS allows remote attackers to inject arbitrary web script or HTML via the username field (user_name parameter).
|
CWE-79
Cross-site Scripting
|
CVE-2009-1228
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256675
|
- |
|
arcadwy
|
arcadwy_arcade_script
|
SQL injection vulnerability in Arcadwy Arcade Script allows remote attackers to execute arbitrary SQL commands via the user cookie parameter.
|
CWE-89
SQL Injection
|
CVE-2009-1229
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256676
|
- |
|
podcast_generator
|
podcast_generator
|
Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter …
|
CWE-94
Code Injection
|
CVE-2009-1230
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256677
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote attackers to cause a denial of service (memory corruption) via an XML document composed of a long series of start-tags with no correspon…
|
CWE-20
Improper Input Validation
|
CVE-2009-1232
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256678
|
- |
|
apple
|
safari
|
Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service (application crash) via an XML document containing many nested A elements.
|
CWE-20
Improper Input Validation
|
CVE-2009-1233
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256679
|
- |
|
opera
|
opera_browser
|
Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later repo…
|
CWE-20
Improper Input Validation
|
CVE-2009-1234
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256680
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1235
|
2017-09-29 10:34 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
