|
256991
|
- |
|
mozilla
|
firefox
seamonkey
thunderbird
|
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be…
|
CWE-20
Improper Input Validation
|
CVE-2009-0777
|
2017-09-29 10:34 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256992
|
- |
|
tim_hockin
|
acpid
|
ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, wh…
|
CWE-399
Resource Management Errors
|
CVE-2009-0798
|
2017-09-29 10:34 |
2009-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256993
|
- |
|
zfeeder
|
zfeeder
|
zFeeder 1.6 allows remote attackers to gain administrative access via a direct request to admin.php.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0807
|
2017-09-29 10:34 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256994
|
- |
|
xatrix
|
xguestbook
|
SQL injection vulnerability in login.php in xGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter.
|
CWE-89
SQL Injection
|
CVE-2009-0810
|
2017-09-29 10:34 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256995
|
- |
|
imera
|
teamlinks
|
Insecure method vulnerability in the ImeraIEPlugin ActiveX control (ImeraIEPlugin.dll 1.0.2.54) in Imera TeamLinks Client allows remote attackers to force the download and execution of arbitrary URLs…
|
CWE-20
Improper Input Validation
|
CVE-2009-0813
|
2017-09-29 10:34 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256996
|
- |
|
freedville
|
bloghelper
|
BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0826
|
2017-09-29 10:34 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256997
|
- |
|
freedville
|
pollhelper
|
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0827
|
2017-09-29 10:34 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256998
|
- |
|
freedville
|
quotebook
|
QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct reque…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0828
|
2017-09-29 10:34 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256999
|
- |
|
php-fusion
|
members_cv_module
|
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2009-0831
|
2017-09-29 10:34 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257000
|
- |
|
myplugins
|
gen_msn
|
Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field. …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0833
|
2017-09-29 10:34 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
