|
305041
|
- |
|
dootzky
|
oblog
|
Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) force an…
|
CWE-352
Origin Validation Error
|
CVE-2009-4907
|
2024-11-21 10:10 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305042
|
- |
|
accscripts
|
acc_php_email
|
Cross-site request forgery (CSRF) vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords.
|
CWE-352
Origin Validation Error
|
CVE-2009-4906
|
2024-11-21 10:10 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305043
|
- |
|
accscripts
|
acc_statistics
|
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Acc Statistics 1.1 allow remote attackers to hijack the authentication of administrators for requests that change (1) passwo…
|
CWE-352
Origin Validation Error
|
CVE-2009-4905
|
2024-11-21 10:10 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305044
|
- |
|
dootzky
|
oblog
|
article.php in oBlog does not properly restrict comments, which allows remote attackers to cause a denial of service (blog spam) via a comment=new action.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4904
|
2024-11-21 10:10 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305045
|
- |
|
dootzky
|
oblog
|
Cross-site scripting (XSS) vulnerability in index.php in oBlog allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is un…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4903
|
2024-11-21 10:10 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305046
|
- |
|
muscle
|
pcsc-lite
|
Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4902
|
2024-11-21 10:10 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305047
|
- |
|
muscle
|
pcsc-lite
|
The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) vi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4901
|
2024-11-21 10:10 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305048
|
- |
|
punbb
|
punbb
|
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) password or (2) e-mail.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4894
|
2024-11-21 10:10 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305049
|
- |
|
unrealircd
|
unrealircd
|
Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when allow::options::noident is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via un…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4893
|
2024-11-21 10:10 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305050
|
6.5 |
MEDIUM
Network
|
apache
|
juddi
|
The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2009-4267
|
2024-11-21 10:09 |
2018-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
