|
258551
|
- |
|
merethis
|
centreon
|
Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authe…
|
NVD-CWE-noinfo
|
CVE-2009-4368
|
2017-08-17 10:31 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258552
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Contact module (modules/contact/contact.admin.inc or modules/contact/contact.module) in Drupal Core 5.x before 5.21 and 6.x before 6.15 allows remote a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4369
|
2017-08-17 10:31 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258553
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Menu module (modules/menu/menu.admin.inc) in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inje…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4370
|
2017-08-17 10:31 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258554
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Locale module (modules/locale/locale.module) in Drupal Core 6.14, and possibly other versions including 6.15, allows remote authenticated users with "a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4371
|
2017-08-17 10:31 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258555
|
- |
|
alienvault
|
open_source_security_information_management
|
AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary commands via shell metacharacters in the…
|
CWE-20
Improper Input Validation
|
CVE-2009-4372
|
2017-08-17 10:31 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258556
|
- |
|
texmedia
|
million_pixel_script
|
Cross-site scripting (XSS) vulnerability in index.php in texmedia Million Pixel Script 3 allows remote attackers to inject arbitrary web script or HTML via the pa parameter. NOTE: some of these deta…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4381
|
2017-08-17 10:31 |
2009-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258557
|
- |
|
jochen_striepe
|
t-prot
|
Unspecified vulnerability in t-prot (TOFU Protection) before 2.8 allows remote attackers to cause a denial of service via unspecified vectors related to the "--maxlines" option and a crafted email me…
|
NVD-CWE-noinfo
|
CVE-2009-4404
|
2017-08-17 10:31 |
2009-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258558
|
- |
|
edgewall
|
trac
|
Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "che…
|
NVD-CWE-noinfo
|
CVE-2009-4405
|
2017-08-17 10:31 |
2009-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258559
|
- |
|
xfs
|
acl
|
The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specified, which might allow l…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4411
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258560
|
- |
|
s9y
|
serendipity
|
Unrestricted file upload vulnerability in Serendipity before 1.5 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extens…
|
NVD-CWE-Other
|
CVE-2009-4412
|
2017-08-17 10:31 |
2009-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
