CyberSecurityBoard
Sponsor Register Login

CVE-2009-2033

Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Publication date: Fri, 12 Jun 2009 23:00:00 +0000


Cyber News related to CVE-2009-2033

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago
Cyber Insurance Market to be Worth Over $90bn by 2033 - The global cyber insurance market is projected to be worth $90.6bn by 2033, at a growth rate of 22.3% CAGR from 2023, according to an analysis by Market. Us. The industry is expected to reach $14.8bn by the end of 2024, a significant rise from a ...
1 year ago Infosecurity-magazine.com
CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago
CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com
CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago
CVE-2009-2033 - Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. ...
7 years ago
Google fixes first actively exploited Chrome zero-day of 2024 - Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of the year. The company fixed the zero-day for users in the Stable Desktop channel, with patched versions rolling out worldwide ...
1 year ago Bleepingcomputer.com
Google Rushes to Patch Eighth Chrome Zero-Day This Year - Google on Wednesday announced emergency patches for a Chrome vulnerability that is under active exploitation. The issue, tracked as CVE-2023-7024, is described as a high-severity heap buffer overflow bug in Chrome's WebRTC component. Supported by ...
1 year ago Securityweek.com
Google Rushes to Patch Eighth Chrome Zero-Day This Year - Google on Wednesday announced emergency patches for a Chrome vulnerability that is under active exploitation. The issue, tracked as CVE-2023-7024, is described as a high-severity heap buffer overflow bug in Chrome's WebRTC component. Supported by ...
1 year ago Packetstormsecurity.com
Google Chrome Zero-day Exploited in the Wild: Patch Now! - Google has released urgent upgrades to fix the Chrome zero-day high-severity vulnerability that has been widely exploited, which could lead to software crashes or arbitrary code execution. To address the actively exploited zero-day vulnerability, the ...
1 year ago Cybersecuritynews.com
Alert: New Chrome Zero-Day Vulnerability Being Exploited - Google, in light of recent events, has launched a critical update for a high-severity Chrome zero-day vulnerability. As per recent reports, Google claims that the vulnerability has been actively exploited. It's worth noting that the vulnerability ...
1 year ago Securityboulevard.com
CVE-2008-2033 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1381. Reason: This candidate is a duplicate of CVE-2008-1381. Notes: All CVE users should reference CVE-2008-1381 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2012-2033 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and ...
7 years ago
CVE-2012-2030 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2031, CVE-2012-2032, and ...
7 years ago
CVE-2012-2032 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and ...
7 years ago
CVE-2012-2031 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2032, and ...
7 years ago
CVE-2012-2029 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, and ...
7 years ago
CVE-2006-2033 - PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. NOTE: this is a different vector than CVE-2006-1212, although it might be the same ...
6 years ago
CVE-2002-2033 - faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00). ...
16 years ago
CVE-2010-2033 - Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller ...
14 years ago
CVE-2011-4142 - The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these ...
13 years ago
CVE-2005-2033 - Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter. ...
8 years ago
CVE-2015-2033 - Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request. ...
8 years ago
CVE-2004-2033 - Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. ...
7 years ago
CVE-2007-2033 - Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.81.0 allows remote authenticated users to read any configuration page by changing the group membership of user accounts, aka Bug ID CSCse78596. ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)