|
262991
|
- |
|
wireshark
|
wireshark
|
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file t…
|
CWE-20
Improper Input Validation
|
CVE-2009-3549
|
2017-09-19 10:29 |
2009-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262992
|
- |
|
xerver
|
xerver
|
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory …
|
CWE-22
Path Traversal
|
CVE-2009-3561
|
2017-09-19 10:29 |
2009-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262993
|
- |
|
xerver
|
xerver
|
Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3562
|
2017-09-19 10:29 |
2009-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262994
|
- |
|
tony_million
|
tuniac
|
Tuniac 090517c allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a .pls playlist file, possibly a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3574
|
2017-09-19 10:29 |
2009-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262995
|
- |
|
vspanel
|
vs_panel
|
SQL injection vulnerability in showcat.php in VS PANEL 7.3.6 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-3590
|
2017-09-19 10:29 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262996
|
- |
|
vspanel
|
vs_panel
|
SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590.
|
CWE-89
SQL Injection
|
CVE-2009-3595
|
2017-09-19 10:29 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262997
|
- |
|
joxtechnology
|
ajox_poll
|
JoxTechnology Ajox Poll does not properly restrict access to admin/managepoll.php, which allows remote attackers to bypass authentication and gain administrative access via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3596
|
2017-09-19 10:29 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262998
|
- |
|
adium
pidgin
|
adium
pidgin
|
The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ…
|
CWE-399
Resource Management Errors
|
CVE-2009-3615
|
2017-09-19 10:29 |
2009-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262999
|
- |
|
intervations
|
navicopa_web_server
|
InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name.
|
CWE-200
Information Exposure
|
CVE-2009-3646
|
2017-09-19 10:29 |
2009-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263000
|
- |
|
stanback
|
bs_counter
|
SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
CWE-89
SQL Injection
|
CVE-2009-3659
|
2017-09-19 10:29 |
2009-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
