CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11301 CVE-2009-1956 189 DoS +Info 2009-06-07 2017-09-28
6.4
None Remote Low Not required Partial None Partial
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
11302 CVE-2009-1952 89 Exec Code Sql 2009-06-05 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
11303 CVE-2009-1946 94 Exec Code File Inclusion 2009-06-05 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in latestposts.php in AdaptBB 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the forumspath parameter.
11304 CVE-2009-1936 20 Exec Code Dir. Trav. Bypass File Inclusion 2009-06-05 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrary files via the GLOBALS[prefix] parameter, a different vector than CVE-2003-1500.
11305 CVE-2009-1932 189 DoS Exec Code Overflow 2009-06-04 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.
11306 CVE-2009-1922 264 +Priv 2009-08-12 2018-10-12
6.9
Admin Local Medium Not required Complete Complete Complete
The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSMQ Null Pointer Vulnerability."
11307 CVE-2009-1912 22 Sql Dir. Trav. 2009-06-04 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a .. (dot dot) in a language cookie. NOTE: this can be leveraged for SQL injection by including awards.php.
11308 CVE-2009-1911 22 Dir. Trav. 2009-06-04 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in .include/init.php (aka admin/_include/init.php) in QuiXplorer 2.3.2 and earlier, as used in TinyWebGallery (TWG) 1.7.6 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to admin/index.php.
11309 CVE-2009-1897 119 Overflow +Priv 2009-07-20 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894.
11310 CVE-2009-1893 59 2009-07-17 2017-09-28
6.9
None Local Medium Not required Complete Complete Complete
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
11311 CVE-2009-1878 287 2009-08-18 2009-08-26
6.8
None Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
11312 CVE-2009-1836 287 2009-06-12 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
11313 CVE-2009-1826 287 2009-05-29 2017-09-28
6.5
None Remote Low Single system Partial Partial Partial
modules/admuser.php in myGesuad 0.9.14 (aka 0.9) does not require administrative authentication, which allows remote authenticated users to list user accounts via a Find action.
11314 CVE-2009-1812 89 Exec Code Sql 2009-05-29 2017-09-28
6.0
None Remote Medium Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2) kategorie.php, (3) budget.php, (4) zahlung.php, or (5) adresse.php in modules/, related to classes/class.perform.php.
11315 CVE-2009-1810 89 Exec Code Sql 2009-05-29 2017-09-28
6.0
None Remote Medium Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2) kategorie.php, (3) medium.php, (4) person.php, or (5) schlagwort.php in modules/, related to classes/class.perform.php.
11316 CVE-2009-1802 352 CSRF 2009-05-28 2009-05-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact.
11317 CVE-2009-1799 89 Exec Code Sql 2009-05-28 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parameter to example.php.
11318 CVE-2009-1797 352 CSRF 2009-12-28 2010-06-29
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities on the Network Management Card (NMC) on American Power Conversion (APC) Switched Rack PDU (aka Rack Mount Power Distribution) devices and other devices allow remote attackers to hijack the authentication of (1) administrator or (2) device users for requests that create new administrative users or have unspecified other impact.
11319 CVE-2009-1786 362 2009-05-26 2017-09-28
6.9
Admin Local Medium Not required Complete Complete Complete
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
11320 CVE-2009-1782 Bypass 2009-05-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, Windows 6.61 and earlier, and Linux 2.16 and earlier; Internet Security 2009 and earlier, Anti-Virus 2009 and earlier, Client Security 8.0 and earlier, and others; allow remote attackers to bypass malware detection via a crafted (1) ZIP and (2) RAR archive.
11321 CVE-2009-1781 94 2009-05-22 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Static code injection vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to inject arbitrary PHP code into phpre_config.php via the form_aula parameter.
11322 CVE-2009-1779 94 Exec Code File Inclusion 2009-05-22 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the form_include_template parameter.
11323 CVE-2009-1778 89 Exec Code Sql 2009-05-22 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.
11324 CVE-2009-1766 89 Exec Code Sql 2009-05-22 2018-10-10
6.4
None Remote Low Not required None Partial Partial
SQL injection vulnerability in index.php in LightOpenCMS 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
11325 CVE-2009-1765 22 Dir. Trav. 2009-05-22 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langpref parameter to (1) data/modules/contactform/module_info.php, (2) data/modules/blog/module_info.php, and (3) data/modules/albums/module_info.php, different vectors than CVE-2008-3194.
11326 CVE-2009-1757 352 CSRF 2009-05-22 2009-05-22
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
11327 CVE-2009-1750 Exec Code 2009-05-22 2017-09-28
6.0
None Remote Medium Single system Partial Partial Partial
Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
11328 CVE-2009-1741 89 Exec Code Sql 2009-05-20 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
11329 CVE-2009-1733 352 CSRF 2009-05-20 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows remote attackers to hijack the authentication of administrators for requests that (1) change the password, (2) add users, or (3) delete users via unknown vectors.
11330 CVE-2009-1728 119 DoS Exec Code Overflow 2009-08-06 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before 10.5.8, and 10.4 before Digital Camera RAW Compatibility Update 2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image.
11331 CVE-2009-1727 2009-08-06 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 before 10.5.8 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari.
11332 CVE-2009-1722 119 DoS Exec Code Overflow 2009-07-31 2012-10-22
6.8
User Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
11333 CVE-2009-1721 16 DoS Exec Code 2009-07-31 2012-10-22
6.8
User Remote Medium Not required Partial Partial Partial
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
11334 CVE-2009-1717 189 DoS Exec Code Overflow Mem. Corr. 2009-06-05 2018-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based buffer overflow.
11335 CVE-2009-1677 94 2009-05-18 2017-09-28
6.5
User Remote Low Single system Partial Partial Partial
Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow (1) remote authenticated users to inject arbitrary PHP code into files by placing PHP sequences into the account's "display name" setting and then invoking boards/boards_rss.php, and might allow (2) remote attackers to inject arbitrary PHP code into files via the HTTP Host header in a request to boards/boards_rss.php.
11336 CVE-2009-1665 264 2009-05-18 2017-09-28
6.4
None Remote Low Not required None Partial Partial
myaccount.php in Easy Scripts Answer and Question Script allows remote attackers to remove arbitrary user accounts via a modified userid parameter without specifying any additional fields.
11337 CVE-2009-1663 Exec Code 2009-05-18 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in myaccount.php in Easy Scripts Answer and Question Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads/[username] directory.
11338 CVE-2009-1661 89 Exec Code Sql 2009-05-18 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.
11339 CVE-2009-1659 Bypass 2009-05-18 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files via an avatar file with an accepted Content-Type such as image/gif, then requesting the file in admin/banners/.
11340 CVE-2009-1655 89 Exec Code Sql 2009-05-16 2017-09-28
6.5
User Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.
11341 CVE-2009-1637 264 2009-05-15 2017-09-28
6.4
None Remote Low Not required Partial Partial None
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote attackers to change the admin e-mail address and password via the email and password parameters.
11342 CVE-2009-1629 287 DoS 2009-05-14 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to (1) hijack a session or (2) cause a denial of service (session ID exhaustion) via a brute-force attack.
11343 CVE-2009-1625 22 Dir. Trav. 2009-05-12 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in index.php in Thickbox Gallery 2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ln parameter.
11344 CVE-2009-1615 Exec Code 2009-05-11 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via an admin.system.files (aka Manage Files) request to the default URI, then accessing the file via a direct request.
11345 CVE-2009-1613 89 Exec Code Sql 2009-05-11 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchterm or (2) email parameter.
11346 CVE-2009-1609 20 Exec Code 2009-05-11 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in admin/uploadform.asp in Battle Blog 1.25 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file.
11347 CVE-2009-1601 264 Bypass 2009-05-11 2017-08-16
6.8
None Local Low Single system Complete Complete Complete
The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intended access restrictions via read or write operations involving this directory.
11348 CVE-2009-1584 89 Exec Code Sql 2009-05-07 2018-10-10
6.0
None Remote Medium Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m parameters to sobre.php; and the (6) dcTema, (7) madsTema, (8) zthesTema, (9) skosTema, and (10) xtmTema parameters to xml.php.
11349 CVE-2009-1579 94 Exec Code 2009-05-14 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
11350 CVE-2009-1561 352 1 CSRF 2009-05-06 2009-05-07
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.