|
262751
|
- |
|
didier_ernotte
|
inforss
|
infoRSS 1.1.4.2 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting at…
|
CWE-20
Improper Input Validation
|
CVE-2009-4101
|
2017-08-17 10:31 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262752
|
- |
|
didier_ernotte
|
inforss
|
Per information from the following advisory:
http://www.net-security.org/secworld.php?id=8527
raised the score to CIA:complete since this vulnerability gives attacker the full access to the compute…
|
CWE-20
Improper Input Validation
|
CVE-2009-4101
|
2017-08-17 10:31 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262753
|
- |
|
sage.mozdev
mozilla
|
sage
firefox
|
Sage 1.4.3 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks…
|
CWE-20
Improper Input Validation
|
CVE-2009-4102
|
2017-08-17 10:31 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262754
|
- |
|
sage.mozdev
mozilla
|
sage
firefox
|
Per info from the following advisory:
http://www.net-security.org/secworld.php?id=8527
Scored this CVE CIA:complete
|
CWE-20
Improper Input Validation
|
CVE-2009-4102
|
2017-08-17 10:31 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262755
|
- |
|
dotnetnuke
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not prope…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4110
|
2017-08-17 10:31 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262756
|
- |
|
alex_barth
|
feed_element_mapper
|
Cross-site scripting (XSS) vulnerability in Feed Element Mapper module 5.x before 5.x-1.3, 6.x before 6.x-1.3, and 6.x-2.0-alpha before 6.x-2.0-alpha4 for Drupal allows remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4119
|
2017-08-17 10:31 |
2009-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262757
|
- |
|
opensolution
|
quick.cart
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.Cart 3.4 allow remote attackers to hijack the authentication of the administrator for requests that (1) delete orders via an orders…
|
CWE-352
Origin Validation Error
|
CVE-2009-4120
|
2017-08-17 10:31 |
2009-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262758
|
- |
|
opensolution
|
quick.cms
quick.cms.lite
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 allow remote attackers to hijack the authentication of the administrator for requests that (1) delet…
|
CWE-352
Origin Validation Error
|
CVE-2009-4121
|
2017-08-17 10:31 |
2009-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262759
|
- |
|
ruby-lang
|
ruby
|
Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4124
|
2017-08-17 10:31 |
2009-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262760
|
- |
|
mozilla
|
firefox
|
Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load fo…
|
CWE-362
Race Condition
|
CVE-2009-4129
|
2017-08-17 10:31 |
2009-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
