|
292981
|
- |
|
babbleboard
|
babbleboard
|
Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote attackers to inject arbitrary web script or HTML via the username.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6906
|
2017-09-29 10:33 |
2009-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292982
|
- |
|
2532gigs
|
2532gigs
|
Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) …
|
CWE-89
SQL Injection
|
CVE-2008-6907
|
2017-09-29 10:33 |
2009-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292983
|
- |
|
brewblogger
|
brewblogger
|
SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbi…
|
CWE-89
SQL Injection
|
CVE-2008-6911
|
2017-09-29 10:33 |
2009-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292984
|
- |
|
zeeways
|
shaadiclone
|
Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php.
|
CWE-287
Improper Authentication
|
CVE-2008-6912
|
2017-09-29 10:33 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292985
|
- |
|
zeeways
|
zeejobsite
|
Unrestricted file upload vulnerability in editresume_next.php in Zeeways ZEEJOBSITE 2.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as…
|
CWE-20
Improper Input Validation
|
CVE-2008-6913
|
2017-09-29 10:33 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292986
|
- |
|
zeeways
|
zeeproperty
|
Unrestricted file upload vulnerability in viewprofile.php in Zeeways ZEEPROPERTY 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6914
|
2017-09-29 10:33 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292987
|
- |
|
zeeways
|
zeeproperty
|
Cross-site scripting (XSS) vulnerability in view_prop_details.php in Zeeways ZEEPROPERTY 1.0 allows remote attackers to inject arbitrary web script or HTML via the propid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6915
|
2017-09-29 10:33 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292988
|
- |
|
siemens
john_doe
|
speedstream_5200
netport_software
|
Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname.
|
CWE-287
Improper Authentication
|
CVE-2008-6916
|
2017-09-29 10:33 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292989
|
- |
|
exoscripts
|
exophpdesk
|
SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter).
|
CWE-89
SQL Injection
|
CVE-2008-6917
|
2017-09-29 10:33 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292990
|
- |
|
theportal2.pl
|
theportal2
|
Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6918
|
2017-09-29 10:33 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
