|
258681
|
- |
|
sun
|
cluster
|
Unspecified vulnerability in clsetup in the configuration utility in Sun Solaris Cluster 3.2 allows local users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3433
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258682
|
- |
|
onestopjoomla
|
com_tupinambis
|
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyect…
|
CWE-89
SQL Injection
|
CVE-2009-3434
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258683
|
- |
|
moshe_weitzman
|
devel
|
Cross-site scripting (XSS) vulnerability in the variable editor in the Devel module 5.x before 5.x-1.2 and 6.x before 6.x-1.18, a module for Drupal, allows remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3435
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258684
|
- |
|
maxwebportal
|
maxwebportal
|
Multiple SQL injection vulnerabilities in forum.asp in MaxWebPortal allow remote attackers to execute arbitrary SQL commands via the (1) FORUM_ID or (2) CAT_ID parameter. NOTE: this might overlap CV…
|
CWE-89
SQL Injection
|
CVE-2009-3436
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258685
|
- |
|
witchakorn_kamolpornwijit
|
com_facebook
|
SQL injection vulnerability in the JoomlaFacebook (com_facebook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-3438
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258686
|
- |
|
ariel_barreiro
|
meta_tags
|
The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal does not properly follow permissions during assignment of node meta tags, which allows remote attackers to obtain sensitive information …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3442
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258687
|
- |
|
ibm
|
lotus_quickr
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt fi…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3453
|
2017-08-17 10:31 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258688
|
- |
|
sun
|
solaris
|
Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory…
|
NVD-CWE-noinfo
|
CVE-2009-3468
|
2017-08-17 10:31 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258689
|
- |
|
ibm
|
lotus_connections
|
Cross-site scripting (XSS) vulnerability in profiles/html/simpleSearch.do in IBM Lotus Connections 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3469
|
2017-08-17 10:31 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258690
|
- |
|
internet2
|
opensaml
xmltooling
shibboleth-sp
|
OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by Internet2 Shibboleth Service Provider 2.x before 2.2.1, do not follow the KeyDescriptor element's Use attribute, which allows rem…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3474
|
2017-08-17 10:31 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
