Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Date published : 2009-01-13 http://www.securityfocus.com/bid/33177 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T. Date published : 2009-01-13 http://www.securityfocus.com/bid/33177 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html
Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database allows local users to affect confidentiality via unknown vectors. Date published : 2009-01-13 http://www.securityfocus.com/bid/33177 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors. Date published : 2009-01-13 http://www.securityfocus.com/bid/33177 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html
The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the...
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for db/iyziforum.mdb....
CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAArticles.mdb. NOTE: some...
CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFFAPage.mdb. NOTE: some...
CodeAvalanche Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CADirectory.mdb. NOTE: some...
CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFreeWallpaper.mdb. NOTE: some...
CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CARateMySite.mdb. NOTE: some...
SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. Date published : 2009-01-12 http://www.securityfocus.com/bid/32836 https://www.exploit-db.com/exploits/7476
Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. Date published : 2009-01-12 http://www.securityfocus.com/bid/32815 https://www.exploit-db.com/exploits/7458
Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action. Date published : 2009-01-12 http://www.securityfocus.com/bid/32857 https://www.exploit-db.com/exploits/7485