|
293001
|
- |
|
surat_kabar
|
phpwebnews
|
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6812
|
2017-09-29 10:33 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293002
|
- |
|
surat_kabar
|
phpwebnews
|
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6813
|
2017-09-29 10:33 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293003
|
- |
|
jan_de_graaff
|
com_simpleboard
|
Unrestricted file upload vulnerability in image_upload.php in the SimpleBoard (com_simpleboard) component 1.0.1 and earlier for Mambo allows remote attackers to execute arbitrary code by uploading a …
|
CWE-20
Improper Input Validation
|
CVE-2008-6814
|
2017-09-29 10:33 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293004
|
- |
|
myktools
|
myktools
|
mykdownload.php in MyKtools 2.4 does not require administrative authentication, which allows remote attackers to read a database backup by making a direct request, and then sending an unspecified req…
|
CWE-287
Improper Authentication
|
CVE-2008-6815
|
2017-09-29 10:33 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293005
|
- |
|
newearthpt
|
imgupload
|
Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file wit…
|
NVD-CWE-Other
|
CVE-2008-6822
|
2017-09-29 10:33 |
2009-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293006
|
- |
|
trixbox
|
trixbox
|
Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the langChoice parame…
|
CWE-22
Path Traversal
|
CVE-2008-6825
|
2017-09-29 10:33 |
2009-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293007
|
- |
|
mhfmedia
|
ads_pro
|
dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter, as demonstrated using the (1) advert_top.htm or (2) advert_login.htm pa…
|
CWE-20
Improper Input Validation
|
CVE-2008-6826
|
2017-09-29 10:33 |
2009-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293008
|
- |
|
vicftps
|
vicftps
|
VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a "/\/" (forward slash, backward slash, forward slash). NOTE: this might be the same issu…
|
CWE-20
Improper Input Validation
|
CVE-2008-6829
|
2017-09-29 10:33 |
2009-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293009
|
- |
|
fuzzylime
|
fuzzylime_\(cms\)
|
Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for …
|
CWE-22
Path Traversal
|
CVE-2008-6833
|
2017-09-29 10:33 |
2009-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293010
|
- |
|
fuzzylime
|
fuzzylime_\(cms\)
|
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/co…
|
CWE-22
Path Traversal
|
CVE-2008-6834
|
2017-09-29 10:33 |
2009-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
