|
258181
|
- |
|
mozilla
|
bugzilla
|
Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through 3.5.1 allows remote attackers to discover the alias of a private bug by reading the (1) Depends On or (2) Blocks field of a related bug.
|
CWE-200
Information Exposure
|
CVE-2009-3386
|
2017-08-17 10:31 |
2009-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258182
|
- |
|
sun
|
opensolaris
solaris
|
Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked sc…
|
NVD-CWE-noinfo
|
CVE-2009-3432
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258183
|
- |
|
sun
|
cluster
|
Unspecified vulnerability in clsetup in the configuration utility in Sun Solaris Cluster 3.2 allows local users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3433
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258184
|
- |
|
onestopjoomla
|
com_tupinambis
|
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyect…
|
CWE-89
SQL Injection
|
CVE-2009-3434
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258185
|
- |
|
moshe_weitzman
|
devel
|
Cross-site scripting (XSS) vulnerability in the variable editor in the Devel module 5.x before 5.x-1.2 and 6.x before 6.x-1.18, a module for Drupal, allows remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3435
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258186
|
- |
|
maxwebportal
|
maxwebportal
|
Multiple SQL injection vulnerabilities in forum.asp in MaxWebPortal allow remote attackers to execute arbitrary SQL commands via the (1) FORUM_ID or (2) CAT_ID parameter. NOTE: this might overlap CV…
|
CWE-89
SQL Injection
|
CVE-2009-3436
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258187
|
- |
|
witchakorn_kamolpornwijit
|
com_facebook
|
SQL injection vulnerability in the JoomlaFacebook (com_facebook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-3438
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258188
|
- |
|
ariel_barreiro
|
meta_tags
|
The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal does not properly follow permissions during assignment of node meta tags, which allows remote attackers to obtain sensitive information …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3442
|
2017-08-17 10:31 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258189
|
- |
|
ibm
|
lotus_quickr
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt fi…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3453
|
2017-08-17 10:31 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258190
|
- |
|
sun
|
solaris
|
Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory…
|
NVD-CWE-noinfo
|
CVE-2009-3468
|
2017-08-17 10:31 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
