6308 matches found
GLSA-200907-08 : Multiple Ralink wireless drivers: Execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200907-08 Multiple Ralink wireless drivers: Execution of arbitrary code Aviv reported an integer overflow in multiple Ralink wireless card drivers when processing a probe request packet with a long SSID, possibly related to an...
Directory traversal
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009,...
CVE-2009-2265
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009,...
CVE-2009-2265
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009,...
CVE-2009-2265
Removed by vendor...
VulnCheck KEV: CVE-2009-2265
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009,...
apr-util heap buffer underwrite
The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...
DEBIAN-CVE-2009-0023
The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...
Mandrake Security Advisory MDVSA-2009:123 (opensc)
The remote host is missing an update to opensc announced via advisory MDVSA-2009:123. OpenVAS Vulnerability Test $Id: mdksa2009123.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:123 opensc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...
Solaris Update for S9 perl 5.005_03`s CGI.pm and Safe.pm modules 121997-02
Check for the Version of S9 perl 5.00503s CGI.pm and Safe.pm modules OpenVAS Vulnerability Test Solaris Update for S9 perl 5.00503s CGI.pm and Safe.pm modules 121997-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is fr...
Solaris Update for S9 perl 5.005_03`s CGI.pm and Safe.pm modules 121997-02
Check for the Version of S9 perl 5.00503s CGI.pm and Safe.pm modules OpenVAS Vulnerability Test Solaris Update for S9 perl 5.00503s CGI.pm and Safe.pm modules 121997-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is fr...
Sql injection
Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to 2...
CVE-2009-1811
Multiple cross-site scripting XSS vulnerabilities in myGesuad 0.9.14 aka 0.9 allow remote attackers to inject arbitrary web script or HTML via 1 the Page parameter in a List action to modules/ereignis.php, 2 the Kontext parameter in a Search action to modules/kategorie.php, 3 the image parameter ...
CVE-2009-1809
Multiple cross-site scripting XSS vulnerabilities in myColex 1.4.2 allow remote attackers to inject arbitrary web script or HTML via 1 the year parameter to modules/kalender.php, 2 the Page parameter in a List action to modules/ereignis.php, 3 the Kontext parameter in a Search action to...
CVE-2009-1810
Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to 2...
[Full-disclosure] Drupal Embedded Media Field Module Multiple XSS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Details of this disclosure are posted at http://lampsecurity.org/drupal-6-embed-media-xss-vulnerability Vendor notified: 5/27/09 Vendor response: see below Description of Vulnerability: - ----------------------------- Drupal http://drupal.org is a...
[SECURITY] Fedora 10 Update: eggdrop-1.6.19-4.fc10
Eggdrop is the world's most popular Open Source IRC bot, designed for flexibility and ease of use. It is extendable with Tcl scripts and/or C modules, has support for the big five IRC networks and is able to form botnets, share partylines and userfiles between bots...
[SECURITY] Fedora 9 Update: eggdrop-1.6.19-4.fc9
Eggdrop is the world's most popular Open Source IRC bot, designed for flexibility and ease of use. It is extendable with Tcl scripts and/or C modules, has support for the big five IRC networks and is able to form botnets, share partylines and userfiles between bots...
[Full-disclosure] Drupal 6 CCK Module XSS Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vendor Notified: 05/18/09 Vendor Response: Karoly Negyesi of Drupal security denies issue exists. Drupal security has responded to reports of CCK based XSS vulnerabilities in past with http://drupal.org/node/372836, which basically shirks the issue...
Pluck 4.6.2 (langpref) Local File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications =========================================================== Pluck 4.6.2 langpref Local File Inclusion Vulnerabilities =========================================================== =-=-local file include-=-=...