|
260391
|
- |
|
aaronoutpost
|
asp_inline_corporate_calendar
|
SQL injection vulnerability in active_appointments.asp in ASP Inline Corporate Calendar allows remote attackers to execute arbitrary SQL commands via the sortby parameter. NOTE: the provenance of th…
|
CWE-89
SQL Injection
|
CVE-2009-2243
|
2017-08-17 10:30 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260392
|
- |
|
appleple
|
a-news
|
Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2292
|
2017-08-17 10:30 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260393
|
- |
|
sun
|
opensolaris
solaris
|
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create…
|
NVD-CWE-Other
|
CVE-2009-2296
|
2017-08-17 10:30 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260394
|
- |
|
mcafee
|
smartfilter
|
SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.
|
CWE-310
Cryptographic Issues
|
CVE-2009-2312
|
2017-08-17 10:30 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260395
|
- |
|
horde
|
passwd
|
Cross-site scripting (XSS) vulnerability in passwd/main.php in the Passwd module before 3.1.1 for Horde allows remote attackers to inject arbitrary web script or HTML via the backend parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2360
|
2017-08-17 10:30 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260396
|
- |
|
datachecknh
|
gallerypal_fe
|
SQL injection vulnerability in login.asp in DataCheck Solutions GalleryPal FE 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this info…
|
CWE-89
SQL Injection
|
CVE-2009-2365
|
2017-08-17 10:30 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260397
|
- |
|
wxwidgets
|
wxwidgets
|
Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JP…
|
CWE-189
Numeric Errors
|
CVE-2009-2369
|
2017-08-17 10:30 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260398
|
- |
|
tangocms
|
tangocms
|
Cross-site scripting (XSS) vulnerability in the Html::textarea function in application/libraries/Html.php in TangoCMS 2.x before 2.3.0 allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2376
|
2017-08-17 10:30 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260399
|
- |
|
4homepages
|
4images
|
Cross-site scripting (XSS) vulnerability in includes/functions.php in 4images 1.7 through 1.7.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the url variable.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2380
|
2017-08-17 10:30 |
2009-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260400
|
- |
|
fedorahosted
|
sssd
|
The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent a…
|
CWE-287
Improper Authentication
|
CVE-2009-2410
|
2017-08-17 10:30 |
2009-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
