|
293681
|
- |
|
watchfire
|
appscan
|
Multiple absolute path traversal vulnerabilities in certain ActiveX controls in WatchFire AppScan 7.0 allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument…
|
CWE-22
Path Traversal
|
CVE-2008-2015
|
2017-09-29 10:30 |
2008-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293682
|
- |
|
phpizabi
|
phpizabi
|
The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expansions on strings delimited by '{' and '}' characters, which allows remote authenticated users to ob…
|
CWE-200
Information Exposure
|
CVE-2008-2018
|
2017-09-29 10:30 |
2008-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293683
|
- |
|
pd9_software
|
megabbs
|
Mulatiple cross-site scripting (XSS) vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) toid parameter to send-private-message.asp a…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2022
|
2017-09-29 10:30 |
2008-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293684
|
- |
|
pd9_software
|
megabbs
|
Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) invisible and (2) timeoffset parameters to profile/controlpanel…
|
CWE-89
SQL Injection
|
CVE-2008-2023
|
2017-09-29 10:30 |
2008-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293685
|
- |
|
minibb
|
minibb
|
Cross-site scripting (XSS) vulnerability in index.php in miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the gla…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2024
|
2017-09-29 10:30 |
2008-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293686
|
- |
|
minibb
|
minibb
|
miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, w…
|
CWE-200
Information Exposure
|
CVE-2008-2028
|
2017-09-29 10:30 |
2008-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293687
|
- |
|
minibb
|
minibb
|
Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitra…
|
CWE-89
SQL Injection
|
CVE-2008-2029
|
2017-09-29 10:30 |
2008-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293688
|
- |
|
aspindir
|
angelo-emlak
|
Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp.
|
CWE-89
SQL Injection
|
CVE-2008-2047
|
2017-09-29 10:30 |
2008-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293689
|
- |
|
aspindir
|
angelo-emlak
|
Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2048
|
2017-09-29 10:30 |
2008-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293690
|
- |
|
joovili
|
joovili
|
SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2063
|
2017-09-29 10:30 |
2008-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
