|
305741
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2802
|
2024-11-21 10:05 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305742
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.29 and 7.1 before 7.0.0.7 allows remote attackers to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2748
|
2024-11-21 10:05 |
2011-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305743
|
- |
|
ibm
|
websphere_application_server
|
The Java Naming and Directory Interface (JNDI) implementation in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.39, 6.1 before 6.1.0.29, and 7.0 before 7.0.0.7 does not properly restrict acc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2747
|
2024-11-21 10:05 |
2011-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305744
|
- |
|
apache
|
tomcat
|
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Lin…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2696
|
2024-11-21 10:05 |
2010-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305745
|
4.3 |
MEDIUM
Network
|
apple
|
safari
|
Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog.
|
CWE-19
Data Processing Errors
|
CVE-2009-2197
|
2024-11-21 10:04 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305746
|
- |
|
apple
|
airport_express_base_station_firmware
airport_extreme_base_station_firmware
airport_express
airport_extreme
time_capsule
|
The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of (1) Router Advertisement and …
|
CWE-399
Resource Management Errors
|
CVE-2009-2189
|
2024-11-21 10:04 |
2010-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305747
|
8.1 |
HIGH
Network
|
mantisbt
|
mantisbt
|
An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and acti…
|
CWE-613
Insufficient Session Expiration
|
CVE-2009-20001
|
2024-11-21 10:03 |
2021-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305748
|
6.1 |
MEDIUM
Network
|
sandbox_theme_project
|
sandbox_theme
|
A vulnerability was found in Turante Sandbox Theme up to 1.5.2. It has been classified as problematic. This affects the function sandbox_body_class of the file functions.php. The manipulation of the …
|
-
|
CVE-2009-10004
|
2024-11-21 10:01 |
2023-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305749
|
6.1 |
MEDIUM
Network
|
cool-php-captcha_project
|
cool-php-captcha
|
A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2. This vulnerability affects unknown code of the file example-form.php. The manipulation of the argument ca…
|
-
|
CVE-2009-10001
|
2024-11-21 10:01 |
2023-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305750
|
6.1 |
MEDIUM
Network
|
wordcraft_project
|
wordcraft
|
A vulnerability was found in capnsquarepants wordcraft up to 0.6. It has been classified as problematic. Affected is an unknown function of the file tag.php. The manipulation of the argument tag lead…
|
-
|
CVE-2009-10003
|
2024-11-21 10:01 |
2023-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
