Unspecified vulnerability in Hitachi Groupmax Groupware Server 07-00 through 07-50-/A, Groupmax Server Set 03-00 through 06-52, Groupware Server Set 03-00 through 06-52, and Scheduler Server Set 03-00 through 06-52 has unknown impact and attack...
Multiple cross-site scripting (XSS) vulnerabilities in Anantasoft Gazelle CMS 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter to user.php or (2) lookup parameter to...
Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a...
Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission Server/FTP before 09-00 allow remote attackers to execute arbitrary code via unknown attack vectors. Date published : 2009-09-11 http://www.securityfocus.com/bid/36307 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-015/index.html
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allows remote authenticated users to reset administrative passwords or add administrators via a direct request....
Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. Date published : 2009-09-11...
Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file. Date published...
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote router management via...
Cross-site scripting (XSS) vulnerability in the web management interface in the ZyXEL P-330W router allows remote attackers to inject arbitrary web script or HTML via the pingstr parameter and other unspecified vectors. Date published...
Multiple cross-site scripting (XSS) vulnerabilities in OpenWebMail before 2.53 (Stable) allow remote attackers to inject arbitrary web script or HTML via unknown vectors. Date published : 2009-09-10 http://freshmeat.net/projects/openwebmail/releases/270453 http://archives.neohapsis.com/archives/apps/freshmeat/2008-01/0032.html
Lantronix MSS485-T allows remote attackers to cause a denial of service (unstable performance and service loss) via certain vulnerability scans, as demonstrated using (1) Nessus and (2) nmap. Date published : 2009-09-10 http://archives.neohapsis.com/archives/fulldisclosure/2008-01/0487.html http://osvdb.org/51003
Double free vulnerability in Deliantra server engine before 2.4 has unknown impact and attack vectors. Date published : 2009-09-10 http://cvs.schmorp.de/cf.schmorp.de/server/Changes http://osvdb.org/48898
Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a denial of service (hang) via (1) unspecified manipulations as demonstrated by a Nessus scan or (2) malformed input to TCP port 502....
Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have unknown impact and attack vectors. Date published : 2009-09-10 http://archives.neohapsis.com/archives/apps/freshmeat/2008-01/0029.html http://osvdb.org/40571