|
293991
|
- |
|
plusphp
|
plusphp_short_url_multi-user_script
|
PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the _pages_dir parameter.
|
CWE-94
Code Injection
|
CVE-2008-2480
|
2017-09-29 10:31 |
2008-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293992
|
- |
|
phpraider
|
phpraider
|
PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb3.functions.php in phpRaider 1.0.7 and 1.0.7a, when register_globals is enabled, allows remote attackers to execute arbitrary PHP…
|
CWE-94
Code Injection
|
CVE-2008-2481
|
2017-09-29 10:31 |
2008-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293993
|
- |
|
xomol
|
xomol_cms
|
Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the op parameter.
|
CWE-22
Path Traversal
|
CVE-2008-2483
|
2017-09-29 10:31 |
2008-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293994
|
- |
|
xomol
|
xomol_cms
|
SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2484
|
2017-09-29 10:31 |
2008-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293995
|
- |
|
maxsite
|
maxsite
|
SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action.
|
CWE-89
SQL Injection
|
CVE-2008-2487
|
2017-09-29 10:31 |
2008-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293996
|
- |
|
beaussier
|
roomphplanning
|
admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2488
|
2017-09-29 10:31 |
2008-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293997
|
- |
|
quate
|
quate_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2496
|
2017-09-29 10:31 |
2008-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293998
|
- |
|
henning_stoverud
|
phphotoalbum
|
Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) album parameter to thumbnails.php and the (2) pid parameter to displayi…
|
CWE-89
SQL Injection
|
CVE-2008-2501
|
2017-09-29 10:31 |
2008-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293999
|
- |
|
simpel_side
|
netbutik
|
Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to netbutik.php and the (2) id parameter …
|
CWE-89
SQL Injection
|
CVE-2008-2504
|
2017-09-29 10:31 |
2008-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294000
|
- |
|
simpel_side
|
weblosninger
|
Cross-site scripting (XSS) vulnerability in result.php in Simpel Side Weblosning 1 through 4 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2505
|
2017-09-29 10:31 |
2008-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
