260681
|
- |
|
razorcms
|
razorcms
|
Cross-site scripting (XSS) vulnerability in the Create New Page form in razorCMS 0.3 RC2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Page Title field.
|
CWE-79
Cross-site Scripting
|
CVE-2009-1461
|
2017-08-17 10:30 |
2009-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260682
|
- |
|
razorcms
|
razorcms
|
The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1462
|
2017-08-17 10:30 |
2009-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260683
|
- |
|
razorcms
|
razorcms
|
Static code injection vulnerability in razorCMS before 0.4 allows remote attackers to inject arbitrary PHP code into any page by saving content as a .php file.
|
CWE-94
Code Injection
|
CVE-2009-1463
|
2017-08-17 10:30 |
2009-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260684
|
- |
|
darren_reed
|
ipfilter
|
Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1476
|
2017-08-17 10:30 |
2009-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260685
|
- |
|
sun
|
opensolaris solaris
|
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-1478
|
2017-08-17 10:30 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260686
|
- |
|
pjhome
|
puterjams_blog
|
SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the cname parameter in a checkAlias action, as exploited…
|
CWE-89
SQL Injection
|
CVE-2009-1481
|
2017-08-17 10:30 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260687
|
- |
|
moinmo moinmoin
|
moinmoin
|
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-actio…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1482
|
2017-08-17 10:30 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260688
|
- |
|
aemuleplus emuleplus
|
emule_plus
|
The logging feature in eMule Plus before 1.2e allows remote attackers to cause a denial of service (infinite loop) via unspecified attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-1485
|
2017-08-17 10:30 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260689
|
- |
|
sendmail
|
sendmail
|
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1490
|
2017-08-17 10:30 |
2009-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260690
|
- |
|
mcafee
|
groupshield
|
McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or anti-spam products from McAfee or other vendors, does not scan X- headers for malicious content, wh…
|
CWE-20
Improper Input Validation
|
CVE-2009-1491
|
2017-08-17 10:30 |
2009-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|