|
294001
|
- |
|
webdynamite
|
projectbutler
|
PHP remote file inclusion vulnerability in pda_projects.php in WebDynamite ProjectButler 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the offset parameter.
|
CWE-94
Code Injection
|
CVE-2009-2791
|
2017-09-19 10:29 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294002
|
- |
|
joshua_oliver
|
really_simple_cms
|
Directory traversal vulnerability in plugings/pagecontent.php in Really Simple CMS (RSCMS) 0.3a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PT param…
|
CWE-22
Path Traversal
|
CVE-2009-2792
|
2017-09-19 10:29 |
2009-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294003
|
- |
|
apple
|
itunes
|
Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2817
|
2017-09-19 10:29 |
2009-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294004
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2820
|
2017-09-19 10:29 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294005
|
- |
|
apple
|
mac_os_x
|
Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2837
|
2017-09-19 10:29 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294006
|
- |
|
apple
|
safari
|
Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site.
|
NVD-CWE-Other
|
CVE-2009-2842
|
2017-09-19 10:29 |
2009-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294007
|
- |
|
ryan.mcgeary
|
wp-syntax
|
WP-Syntax plugin 0.9.1 and earlier for Wordpress, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via the test_filter[wp_head] array parameter to test/index.php, …
|
CWE-20
Improper Input Validation
|
CVE-2009-2852
|
2017-09-19 10:29 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294008
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a den…
|
NVD-CWE-noinfo
|
CVE-2009-2867
|
2017-09-19 10:29 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294009
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 p…
|
NVD-CWE-noinfo
|
CVE-2009-2869
|
2017-09-19 10:29 |
2009-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294010
|
- |
|
artis.imag
|
basilic
|
Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to (1) index.php and possibly (2) allpubs.php in publicati…
|
CWE-89
SQL Injection
|
CVE-2009-2881
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
