|
284931
|
- |
|
tincan
|
phplist
|
Register Globals are disabled by default, so this will not increase access complexity.
|
CWE-94
Code Injection
|
CVE-2009-0422
|
2018-10-12 06:01 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284932
|
- |
|
activewebsoftwares
|
active_bids
|
Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to search.asp, (2) SortDir parameter to auctionsended.asp, …
|
CWE-89
SQL Injection
|
CVE-2009-0429
|
2018-10-12 06:01 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284933
|
- |
|
activewebsoftwares
|
active_bids
|
Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter t…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0430
|
2018-10-12 06:01 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284934
|
- |
|
kaspersky_lab
|
kaspersky_anti-virus
|
Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0449
|
2018-10-12 06:01 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284935
|
- |
|
cisco
|
ios
|
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0470
|
2018-10-12 06:01 |
2009-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284936
|
- |
|
cisco
|
ios
|
Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with …
|
CWE-352
Origin Validation Error
|
CVE-2009-0471
|
2018-10-12 06:01 |
2009-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284937
|
- |
|
multimediasoft
|
audio_dj_studio_for_.net
audio_sound_editer_for_.net
audio_sound_recorder_for_.net
audio_sound_studio_for_.net
audio_sound_suite_for_.net
|
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0476
|
2018-10-12 06:01 |
2009-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284938
|
- |
|
squid
|
squid
|
Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable a…
|
CWE-20
Improper Input Validation
|
CVE-2009-0478
|
2018-10-12 06:01 |
2009-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284939
|
- |
|
igniterealtime
|
openfire
|
Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the log parameter.
|
CWE-22
Path Traversal
|
CVE-2009-0497
|
2018-10-12 06:01 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284940
|
- |
|
ignite_realtime
|
openfire
|
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) log parameter to (a) logviewer.jsp and …
|
CWE-79
Cross-site Scripting
|
CVE-2009-0496
|
2018-10-12 06:01 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
