Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2453 | 1 Citrix | 2 Presentation Server, Xenapp | 2009-07-14 | 7.5 HIGH | N/A |
| Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2009-2452 | 1 Citrix | 1 Licensing | 2009-07-14 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unknown impact and attack vectors, related to "underlying components of the License Management Console." | |||||
| CVE-2009-2448 | 1 Esoftpro | 1 Online Guestbook Pro | 2009-07-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ogp_show.php in Online Guestbook Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via the search_choice parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-2447 | 1 Esoftpro | 1 Online Guestbook Pro | 2009-07-14 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ogp_show.php in Online Guestbook Pro 5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) search or (2) display parameter. | |||||
| CVE-2009-2449 | 1 Adbnewssender | 1 Adbnewssender | 2009-07-14 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter. | |||||
| CVE-2009-2440 | 1 Jnmsolutions | 1 Guestbook | 2009-07-13 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook 3.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2009-2442 | 1 Linea21 | 1 Linea21 | 2009-07-13 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in public/index.php in Linea21 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a resultats-recherche action. | |||||
| CVE-2009-2436 | 1 Phponlinedatingsoftware | 1 Myphpdating | 2009-07-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.php in Online Dating Software MyPHPDating 1.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | |||||
| CVE-2009-2438 | 1 Clansphere | 1 Clansphere | 2009-07-13 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in the search module in ClanSphere 2009.0 and 2009.0.2 allows remote attackers to inject arbitrary web script or HTML via the text parameter in a list action. NOTE: this might overlap CVE-2008-1399. | |||||
| CVE-2009-2437 | 1 Rentventory | 1 Rentventory | 2009-07-13 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Rentventory 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) username (aka Login) and (2) password parameters in a login action. | |||||
| CVE-2009-2386 | 1 Awingsoft | 1 Awakening Winds3d Viewer Plugin | 2009-07-13 | 9.3 HIGH | N/A |
| Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method. | |||||
| CVE-2009-2427 | 1 Jobbr | 1 Jobbr | 2009-07-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter. | |||||
| CVE-2009-2423 | 1 Ebayclonescript | 1 Ebay Clone | 2009-07-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action. | |||||
| CVE-2009-2428 | 1 Tauschregal.de | 1 Tausch Ticket Script | 2009-07-13 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow remote attackers to execute arbitrary SQL commands via the (1) userid parameter to suchauftraege_user.php and the (2) descr parameter to vote.php; and other unspecified vectors. | |||||
| CVE-2009-1420 | 1 Hp | 3 Hpovnnm.hpovmib, Hpovnnm.hpovsnmp, Openview Network Node Manager | 2009-07-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when used with SNMP (aka HPOvNNM.HPOVSNMP) before 1.30.009 and MIB (aka HPOvNNM.HPOVMIB) before 1.30.009, allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors. | |||||
| CVE-2009-1732 | 1 Richard Ellerbrock | 1 Ipplan | 2009-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/usermanager in IPplan 4.91a allows remote attackers to inject arbitrary web script or HTML via the grp parameter. | |||||
| CVE-2007-2807 | 1 Eggheads | 1 Eggdrop Irc Bot | 2009-07-10 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, remote IRC servers to execute arbitrary code via a long private message. | |||||
| CVE-2009-2343 | 1 Zoph | 1 Zoph | 2009-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2475 | 1 Ebay | 1 Enhanced Picture Uploader Activex Control | 2009-07-09 | 9.3 HIGH | N/A |
| eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property. | |||||
| CVE-2009-2373 | 1 Drupal | 1 Drupal | 2009-07-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Forum module in Drupal 6.x before 6.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||