|
260381
|
- |
|
alex_barth
|
feed_element_mapper
|
Cross-site scripting (XSS) vulnerability in Feed Element Mapper module 5.x before 5.x-1.3, 6.x before 6.x-1.3, and 6.x-2.0-alpha before 6.x-2.0-alpha4 for Drupal allows remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4119
|
2017-08-17 10:31 |
2009-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260382
|
- |
|
opensolution
|
quick.cart
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.Cart 3.4 allow remote attackers to hijack the authentication of the administrator for requests that (1) delete orders via an orders…
|
CWE-352
Origin Validation Error
|
CVE-2009-4120
|
2017-08-17 10:31 |
2009-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260383
|
- |
|
opensolution
|
quick.cms
quick.cms.lite
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 allow remote attackers to hijack the authentication of the administrator for requests that (1) delet…
|
CWE-352
Origin Validation Error
|
CVE-2009-4121
|
2017-08-17 10:31 |
2009-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260384
|
- |
|
ruby-lang
|
ruby
|
Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4124
|
2017-08-17 10:31 |
2009-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260385
|
- |
|
mozilla
|
firefox
|
Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load fo…
|
CWE-362
Race Condition
|
CVE-2009-4129
|
2017-08-17 10:31 |
2009-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260386
|
- |
|
mozilla
|
firefox
|
Visual truncation vulnerability in the MakeScriptDialogTitle function in nsGlobalWindow.cpp in Mozilla Firefox allows remote attackers to spoof the origin domain name of a script via a long name.
|
NVD-CWE-Other
|
CVE-2009-4130
|
2017-08-17 10:31 |
2009-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260387
|
- |
|
bestpractical
|
rt
|
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting…
|
CWE-287
Improper Authentication
|
CVE-2009-4151
|
2017-08-17 10:31 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260388
|
- |
|
apple
|
safari
|
Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4186
|
2017-08-17 10:31 |
2009-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260389
|
- |
|
merkaartor
|
merkaartor
|
Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the /tmp/merkaartor.log temporary file.
|
CWE-59
Link Following
|
CVE-2009-4193
|
2017-08-17 10:31 |
2009-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260390
|
- |
|
huawei
|
mt882_v100t002b020_arg-t
|
Multiple cross-site scripting (XSS) vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4196
|
2017-08-17 10:31 |
2009-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
