88793 matches found
CVE-2009-4165
SQL injection vulnerability in the simple Glossar simpleglossar extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4400
Cross-site scripting XSS vulnerability in the Parish Administration Database steparishadmin extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4803
SQL injection vulnerability in the Accessibility Glossary a21glossary extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4740
Directory traversal vulnerability in the Webesse E-Card wsecard extension 1.0.2 and earlier for TYPO3 has unspecified impact and remote attack vectors...
CVE-2009-4182
Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server...
CVE-2009-4919
Buffer overflow on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121...
CVE-2009-4379
Multiple cross-site scripting XSS vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-2924...
CVE-2009-4706
Cross-site scripting XSS vulnerability in the Mailform mailform extension before 0.9.24 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4966
SQL injection vulnerability in the AST ZipCodeSearch astaddresszipsearch extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-0334
SQL injection vulnerability in the Vote rank for news voteforttnews extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-0141
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935...
CVE-2010-0932
The FTP server in Perforce Server 2008.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a certain MKD command...
CVE-2010-0329
SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript."...
CVE-2010-0326
Cross-site scripting XSS vulnerability in the Developer log devlog extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-0344
SQL injection vulnerability in the zakstoremanagement extension 1.0.0 and earlier TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-0331
Cross-site scripting XSS vulnerability in the TV21 Talkshow tv21talkshow extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-0834
The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute...
CVE-2010-0339
SQL injection vulnerability in the User Links vm19userlinks extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-0342
SQL injection vulnerability in the Reports for Job jobreports extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-0359
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long string in an invalid Client Hello message...