|
287961
|
- |
|
opencart
|
opencart
|
Directory traversal vulnerability in index.php in OpenCart 1.1.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the route parameter.
|
CWE-22
Path Traversal
|
CVE-2009-1621
|
2018-10-11 04:37 |
2009-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287962
|
- |
|
antony_lesuisse
|
ajaxterm
|
ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to (1) hijack a sessio…
|
CWE-287
Improper Authentication
|
CVE-2009-1629
|
2018-10-11 04:37 |
2009-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287963
|
- |
|
novell
|
groupwise
|
Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1635
|
2018-10-11 04:37 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287964
|
- |
|
novell
|
groupwise
|
Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1636
|
2018-10-11 04:37 |
2009-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287965
|
- |
|
anoldman
|
utopic
|
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-1661
|
2018-10-11 04:37 |
2009-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287966
|
- |
|
mcafee
|
active_virus_defense
active_virusscan
email_gateway
internet_security_suite
securityshield_for_email_servers
securityshield_for_microsoft_isa_server
securityshield_for_microsoft_sha…
|
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email G…
|
CWE-20
Improper Input Validation
|
CVE-2009-1348
|
2018-10-11 04:36 |
2009-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287967
|
- |
|
redhat
|
stronghold
|
Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI.
|
CWE-79
Cross-site Scripting
|
CVE-2009-1349
|
2018-10-11 04:36 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287968
|
- |
|
novell
|
netidentity_client1.2.3
|
Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe,…
|
CWE-20
Improper Input Validation
|
CVE-2009-1350
|
2018-10-11 04:36 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287969
|
- |
|
sebastian_fernandez
|
zervit
|
Buffer overflow in the http_parse_hex function in libz/misc.c in Zervit Webserver 0.02 allows remote attackers to cause a denial of service (daemon crash) via a long URI, related to http.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1353
|
2018-10-11 04:36 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287970
|
- |
|
sergey_lyubka
|
mongoose
|
Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
|
CWE-22
Path Traversal
|
CVE-2009-1354
|
2018-10-11 04:36 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
