|
257111
|
- |
|
flexcms
|
flexcms
|
SQL injection vulnerability in FlexCMS allows remote attackers to execute arbitrary SQL commands via the catId parameter.
|
CWE-89
SQL Injection
|
CVE-2009-0534
|
2017-09-29 10:33 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257112
|
- |
|
extrosoft
|
thyme
|
Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the export_to parame…
|
CWE-22
Path Traversal
|
CVE-2009-0535
|
2017-09-29 10:33 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257113
|
- |
|
ibm
|
aix
|
at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0536
|
2017-09-29 10:33 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257114
|
- |
|
evolution
|
evolution
|
Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof …
|
CWE-310
Cryptographic Issues
|
CVE-2009-0547
|
2017-09-29 10:33 |
2009-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257115
|
- |
|
ninjadesigns
|
mailist
|
Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary…
|
CWE-22
Path Traversal
|
CVE-2009-0570
|
2017-09-29 10:33 |
2009-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257116
|
- |
|
ninjadesigns
|
mailist
|
admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a di…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0571
|
2017-09-29 10:33 |
2009-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257117
|
- |
|
cafeengine
|
easycafeengine
|
SQL injection vulnerability in index.php in Easy CafeEngine allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-4604.
|
CWE-89
SQL Injection
|
CVE-2009-0574
|
2017-09-29 10:33 |
2009-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257118
|
- |
|
ubuntu
|
ubuntu_linux
|
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0578
|
2017-09-29 10:33 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257119
|
- |
|
gnome
|
evolution-data-server
|
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and earlier, and 2.25.92 and earl…
|
CWE-20
Improper Input Validation
|
CVE-2009-0582
|
2017-09-29 10:33 |
2009-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257120
|
- |
|
pnphpbb
|
pnphpbb2
|
Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_…
|
CWE-22
Path Traversal
|
CVE-2009-0592
|
2017-09-29 10:33 |
2009-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
