|
256381
|
- |
|
xen
|
xen
|
The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of serv…
|
CWE-399
Resource Management Errors
|
CVE-2009-1758
|
2017-09-29 10:34 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256382
|
- |
|
rahul
|
dtorrent
ctorrent
|
Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cau…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1759
|
2017-09-29 10:34 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256383
|
- |
|
bokecc
|
maxcms
|
SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a digg action.
|
CWE-89
SQL Injection
|
CVE-2009-1764
|
2017-09-29 10:34 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256384
|
- |
|
pluck-cms
|
pluck
|
Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langpref p…
|
CWE-22
Path Traversal
|
CVE-2009-1765
|
2017-09-29 10:34 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256385
|
- |
|
2daybiz
|
template_monster_clone
|
admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote attackers to modify arbitrary accounts via the (1) loginname, (2) password, (3…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1767
|
2017-09-29 10:34 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256386
|
- |
|
ramazeiten
|
ramazaitencms0.9.7.5
ramazaitencms0.9.7.6
ramazaitencms0.9.7.8
ramazaitencms0.9.8
|
Directory traversal vulnerability in download.php in Rama Zaiten CMS 0.9.8 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-1768
|
2017-09-29 10:34 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256387
|
- |
|
flyspeck
|
flyspeck_cms
|
Directory traversal vulnerability in includes/database/examples/addressbook.php in Flyspeck CMS 6.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang…
|
CWE-22
Path Traversal
|
CVE-2009-1770
|
2017-09-29 10:34 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256388
|
- |
|
flyspeck
|
flyspeck_cms
|
index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingContent action, which allows remote attackers to create or modify admin accounts via the (1) users[f…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1771
|
2017-09-29 10:34 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256389
|
- |
|
strawberry
|
strawberry
|
Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to example/…
|
CWE-22
Path Traversal
|
CVE-2009-1774
|
2017-09-29 10:34 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256390
|
- |
|
ibm
|
aix
|
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
|
CWE-362
Race Condition
|
CVE-2009-1786
|
2017-09-29 10:34 |
2009-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
