|
258821
|
- |
|
tgs-cms
|
tgs_content_management
|
Cross-site scripting (XSS) vulnerability in login.php in TGS Content Management 0.x allows remote attackers to inject arbitrary web script or HTML via the previous_page parameter, a different vector …
|
CWE-79
Cross-site Scripting
|
CVE-2009-2928
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258822
|
- |
|
tgs-cms
|
tgs_content_management
|
Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the (1) tgs_language_id, (2) tpl_dir, (3) referer, (4) user-agent, (5…
|
CWE-89
SQL Injection
|
CVE-2009-2929
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258823
|
- |
|
programmedintegration
|
pipl
|
Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlis…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2934
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258824
|
- |
|
sun
|
opensolaris
solaris
|
Unspecified vulnerability in the pollwakeup function in Sun Solaris 10, and OpenSolaris before snv_51, allows local users to cause a denial of service (panic) via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-2952
|
2017-09-19 10:29 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258825
|
- |
|
thekelleys
|
dnsmasq
|
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a T…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2957
|
2017-09-19 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258826
|
- |
|
thekelleys
|
dnsmasq
|
The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP rea…
|
CWE-399
Resource Management Errors
|
CVE-2009-2958
|
2017-09-19 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258827
|
- |
|
kolmck
|
kol_player
|
Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a .MP3 playlist file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2961
|
2017-09-19 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258828
|
- |
|
squirrelmail
|
squirrelmail
|
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via f…
|
CWE-352
Origin Validation Error
|
CVE-2009-2964
|
2017-09-19 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258829
|
- |
|
sun
|
solaris
|
in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."
|
CWE-399
Resource Management Errors
|
CVE-2009-2972
|
2017-09-19 10:29 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258830
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demon…
|
NVD-CWE-Other
|
CVE-2009-3003
|
2017-09-19 10:29 |
2009-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
