|
260401
|
- |
|
phenotype-cms
|
phenotype_cms
|
Phenotype CMS before 2.9 does not use a random salt value for password encryption, which makes it easier for context-dependent attackers to determine cleartext passwords.
|
CWE-310
Cryptographic Issues
|
CVE-2009-2951
|
2017-08-17 10:30 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260402
|
- |
|
ibm
|
websphere_commerce_suite
|
The (1) Net.Commerce and (2) Net.Data components in IBM WebSphere Commerce Suite store sensitive information under the web root with insufficient access control, which allows remote attackers to disc…
|
CWE-200
Information Exposure
|
CVE-2009-2956
|
2017-08-17 10:30 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260403
|
- |
|
decomputeur
|
toolbar_uninstaller
|
Unspecified vulnerability in the update feature in Toolbar Uninstaller 1.0.2 allows remote attackers to force the download and execution of arbitrary files via attack vectors related to a "malformed …
|
NVD-CWE-noinfo
|
CVE-2009-2963
|
2017-08-17 10:30 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260404
|
- |
|
kaspersky
|
kaspersky_anti-virus
kaspersky_internet_security
|
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request …
|
CWE-399
Resource Management Errors
|
CVE-2009-2966
|
2017-08-17 10:30 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260405
|
- |
|
buildbot
|
buildbot
|
Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2967
|
2017-08-17 10:30 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260406
|
- |
|
google
|
chrome
|
Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the (1) MD2 or (2) MD4 algorithm, which makes it easier for man-in-the-middle attacker…
|
CWE-310
Cryptographic Issues
|
CVE-2009-2973
|
2017-08-17 10:30 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260407
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value s…
|
NVD-CWE-Other
|
CVE-2009-2975
|
2017-08-17 10:30 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260408
|
- |
|
sugarcrm
|
sugarcrm
|
SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and earlier, and 5.2.0g and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-2978
|
2017-08-17 10:30 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260409
|
- |
|
lunascape
|
lunascape
|
Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a v…
|
NVD-CWE-Other
|
CVE-2009-3005
|
2017-08-17 10:30 |
2009-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260410
|
- |
|
drupal
|
views_bulk_operations
|
Cross-site scripting (XSS) vulnerability in the theme_views_bulk_operations_confirmation function in views_bulk_operations.module in Views Bulk Operations 5.x before 5.x-1.3 and 6.x before 6.x-1.4, a…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0575
|
2017-08-17 10:29 |
2009-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
