Vulnerability_Archives

CVE_ARCHIVES.DB

ARCHIVE_CHRONOLOGY.INDEXSTATUS: ONLINE

Risk_Filter:

Records: 5,778

Mode: SECURE_QUERY

CVE-2009-4535

MEDIUM

Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / (slash) character to the URI.

Discovered

Dec 31, 2009

CVE-2009-4534

MEDIUM

Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitr

Discovered

Dec 31, 2009

CVE-2009-4533

MEDIUM

The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders

Discovered

Dec 31, 2009

CVE-2009-4532

LOW

Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authentic

Discovered

Dec 31, 2009

CVE-2009-4531

MEDIUM

httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.

Discovered

Dec 31, 2009

CVE-2009-4530

MEDIUM

Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending ::$DATA to the URI.

Discovered

Dec 31, 2009

CVE-2009-4529

MEDIUM

InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space cha

Discovered

Dec 31, 2009

CVE-2009-4528

MEDIUM

The Organic Groups (OG) Vocabulary module 6.x before 6.x-1.0 for Drupal allows remote authenticated group members to bypass intended access restrictio

Discovered

Dec 31, 2009

CVE-2009-4527

MEDIUM

The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x before 6.x-3.2, a module for Drupal, does not properly remove statically granted privi

Discovered

Dec 31, 2009

CVE-2009-4526

MEDIUM

The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupa

Discovered

Dec 31, 2009

CVE-2009-4525

MEDIUM

Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a modul

Discovered

Dec 31, 2009

CVE-2009-4524

MEDIUM

Cross-site scripting (XSS) vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web scri

Discovered

Dec 31, 2009

CVE-2009-4523

MEDIUM

Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchSongKe

Discovered

Dec 31, 2009

CVE-2009-4522

MEDIUM

Cross-site scripting (XSS) vulnerability in search.5.html in BloofoxCMS 0.3.5 allows remote attackers to inject arbitrary web script or HTML via the s

Discovered

Dec 31, 2009

CVE-2009-4521

MEDIUM

Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaK

Discovered

Dec 31, 2009

CVE-2009-4520

MEDIUM

The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access res

Discovered

Dec 31, 2009

CVE-2009-4519

HIGH

Multiple unspecified vulnerabilities in Ortro before 1.3.4 have unknown impact and attack vectors.

Discovered

Dec 31, 2009

CVE-2009-4518

MEDIUM

Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x before 5.x-1.2 for Drupal allows remote attackers to inject arbitrary web scrip

Discovered

Dec 31, 2009

CVE-2009-4517

MEDIUM

Cross-site request forgery (CSRF) vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to hija

Discovered

Dec 31, 2009

CVE-2009-4516

MEDIUM

Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbi

Discovered

Dec 31, 2009

...