|
262451
|
- |
|
ibm
|
websphere_application_server
communications_enabled_applications
|
Feature Pack for Communications Enabled Applications (CEA) before 1.0.0.1 for IBM WebSphere Application Server 7.0.0.7 uses predictable session values, which allows man-in-the-middle attackers to spo…
|
CWE-310
Cryptographic Issues
|
CVE-2009-2749
|
2017-08-17 10:30 |
2009-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262452
|
- |
|
ibm
|
websphere_service_registry_and_repository
|
IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 does not have the intended configuration properties, which allows remote authenticated users to obtain unspecified data access vi…
|
CWE-16
Configuration
|
CVE-2009-2750
|
2017-08-17 10:30 |
2010-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262453
|
- |
|
ibm
|
websphere_commerce
|
IBM WebSphere Commerce 7.0 uses the same cryptographic key for session attributes and merchant data encryption, which has unspecified impact and remote attack vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2009-2751
|
2017-08-17 10:30 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262454
|
- |
|
ibm
|
websphere_commerce
|
IBM WebSphere Commerce 7.0 does not properly encrypt data in a database, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
|
CWE-310
Cryptographic Issues
|
CVE-2009-2752
|
2017-08-17 10:30 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262455
|
- |
|
avira
|
antivir
antivir_security_suite
|
Unquoted Windows search path vulnerability in the scheduler (sched.exe) in Avira AntiVir, AntiVir Premium, Premium Security Suite, and AntiVir Professional might allow local users to gain privileges …
|
NVD-CWE-Other
|
CVE-2009-2761
|
2017-08-17 10:30 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262456
|
- |
|
realtysoft
|
pg_roomate_finder_solution
|
Multiple cross-site scripting (XSS) vulnerabilities in PG Roommate Finder Solution allow remote attackers to inject arbitrary web script or HTML via the part parameter to (1) quick_search.php and (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2772
|
2017-08-17 10:30 |
2009-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262457
|
- |
|
68_classifieds
|
68_classifieds
|
Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to category.php, view parameter to (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2780
|
2017-08-17 10:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262458
|
- |
|
classifiedphpscript
|
php_open_classifieds_script
|
Multiple cross-site scripting (XSS) vulnerabilities in PHP Open Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to buy.php and the id param…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2785
|
2017-08-17 10:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262459
|
- |
|
permis
|
com_groups
|
SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: t…
|
CWE-89
SQL Injection
|
CVE-2009-2789
|
2017-08-17 10:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262460
|
- |
|
softbiz
|
dating_script
|
SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4.
|
CWE-89
SQL Injection
|
CVE-2009-2790
|
2017-08-17 10:30 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
