|
297871
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0413
|
2017-08-8 10:33 |
2009-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297872
|
- |
|
microsoft
|
xml_core_services
|
Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7, and other products, does not properly restrict access from web pages to Set-Cookie2 HTTP response …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0419
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297873
|
- |
|
an_guestbook
|
an_guestbook
|
Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook (ANG) before 0.7.7 allows remote attackers to inject arbitrary web script or HTML via the country parameter, which is not properl…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0424
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297874
|
- |
|
ibm
|
websphere_application_server
|
The installation process for the File Transfer servlet in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19 does not enable the secure version…
|
CWE-16
Configuration
|
CVE-2009-0432
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297875
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5.1.x before 5.1.1.19, 6.0.x before 6.0.2.29, and 6.1.x before 6.1.0.19, when Web Server plug-in content buffering is enabled, allo…
|
NVD-CWE-noinfo
|
CVE-2009-0433
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297876
|
- |
|
ibm
|
websphere_application_server
|
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infras…
|
CWE-200
Information Exposure
|
CVE-2009-0434
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297877
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in the IBM Asynchronous I/O (aka AIO or libibmaio) library in the Java Message Service (JMS) component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.17 on AIX…
|
NVD-CWE-noinfo
|
CVE-2009-0435
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297878
|
- |
|
ibm
|
websphere_application_server
|
The (1) mod_ibm_ssl and (2) mod_cgid modules in IBM HTTP Server 6.0.x before 6.0.2.31 and 6.1.x before 6.1.0.19, as used in WebSphere Application Server (WAS), set incorrect permissions for AF_UNIX s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0436
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297879
|
- |
|
ibm
|
websphere_application_server
|
The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive informat…
|
CWE-200
Information Exposure
|
CVE-2009-0437
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297880
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows allows remote attackers to bypass "Authorization checking" and obtain sensitive information from JSP pages via a crafted request. N…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0438
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
