|
347221
|
- |
|
ibm
|
aix
|
bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial …
|
NVD-CWE-Other
|
CVE-2010-1124
|
2010-03-29 13:00 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347222
|
- |
|
jbmc-software
|
directadmin
|
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this tem…
|
CWE-59
Link Following
|
CVE-2009-1526
|
2010-03-29 13:00 |
2009-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347223
|
- |
|
skype
|
skype
|
Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-4741
|
2010-03-29 13:00 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347224
|
- |
|
arwscripts
|
fonts_script
|
Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers to read arbitrary local files via directory traversal sequences in a base64-encoded f parameter. …
|
CWE-22
Path Traversal
|
CVE-2010-0613
|
2010-03-26 14:37 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347225
|
- |
|
tristan_barczyk
|
klonews
|
Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1112
|
2010-03-26 13:00 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347226
|
- |
|
phptroubleticket
|
php_trouble_ticket
|
SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1089
|
2010-03-25 13:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347227
|
- |
|
scriptsfeed
|
dating_software
|
Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remote attackers to execute arbitrary SQL commands via the (1) txtgender and (2) txtlookgender parameter…
|
CWE-89
SQL Injection
|
CVE-2010-1096
|
2010-03-25 13:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347228
|
- |
|
springsource
|
application_management_suite
hyperic_hq
tc_server
|
Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite (AMS) before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic H…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2907
|
2010-03-25 13:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347229
|
- |
|
springsource
|
application_management_suite
hyperic_hq
tc_server
|
Per: http://www.springsource.com/security/cve-2009-2907
'Mitigation:
* Hyperic HQ Open Source users should upgrade to Hyperic HQ 4.2.x
* Hyperic HQ 4.0 Enterprise users should upgra…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2907
|
2010-03-25 13:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347230
|
- |
|
openinferno
|
oi.blogs
|
Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the (1) theme pa…
|
CWE-22
Path Traversal
|
CVE-2010-1082
|
2010-03-25 04:52 |
2010-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
