|
293201
|
- |
|
stash
|
stash
|
admin/login.php in Stash 1.0.3 allows remote attackers to bypass authentication and gain administrative access by setting a bsm cookie.
|
CWE-287
Improper Authentication
|
CVE-2008-4081
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293202
|
- |
|
brim-project
|
brim
|
SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via an arbitrary field in a searc…
|
CWE-89
SQL Injection
|
CVE-2008-4082
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293203
|
- |
|
brim-project
|
brim
|
Cross-site scripting (XSS) vulnerability in the Bookmarks plugin in Brim 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in an addItemPost action t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4083
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293204
|
- |
|
myiosoft
|
easyclassifields
|
SQL injection vulnerability in staticpages/easyclassifields/index.php in MyioSoft EasyClassifields 3.0 allows remote attackers to execute arbitrary SQL commands via the go parameter in a browse actio…
|
CWE-89
SQL Injection
|
CVE-2008-4084
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293205
|
- |
|
source_workshop
|
reciprocal_links_manager
|
SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action.
|
CWE-89
SQL Injection
|
CVE-2008-4086
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293206
|
- |
|
acoustica
|
beatcraft
|
Stack-based buffer overflow in Acoustica Beatcraft 1.02 Build 19 allows user-assisted attackers to cause a denial of service or execute arbitrary code via a Beatcraft Project (aka bcproj) file with a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4087
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293207
|
- |
|
myphpnuke
|
myphpnuke
|
SQL injection vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4088
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293208
|
- |
|
myphpnuke
|
myphpnuke
|
Cross-site scripting (XSS) vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-4089
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293209
|
- |
|
couponscript
|
coupon_script
|
SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-20…
|
CWE-89
SQL Injection
|
CVE-2008-4090
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293210
|
- |
|
myphpnuke
|
myphpnuke
|
SQL injection vulnerability in printfeature.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the artid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4092
|
2017-09-29 10:31 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
