|
292961
|
- |
|
simple_machines
|
simple_machines_forum
|
SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the db_character_set parameter to a multi…
|
CWE-89
SQL Injection
|
CVE-2008-6741
|
2017-09-29 10:33 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292962
|
- |
|
gofoxy
|
foxy
|
Foxy P2P software allows remote attackers to cause a denial of service (memory consumption) via a foxy URI with a download action and a large fs value.
|
CWE-20
Improper Input Validation
|
CVE-2008-6742
|
2017-09-29 10:33 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292963
|
- |
|
shock-therapy
|
rsmscript
|
RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.p…
|
CWE-287
Improper Authentication
|
CVE-2008-6743
|
2017-09-29 10:33 |
2009-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292964
|
- |
|
blogphp
|
blogphp
|
index.php in BlogPHP 2.0 allows remote attackers to gain administrator privileges via a crafted email parameter in a register2 action.
|
CWE-20
Improper Input Validation
|
CVE-2008-6745
|
2017-09-29 10:33 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292965
|
- |
|
china-on-site
|
flexphpdirectory
|
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) checku…
|
CWE-89
SQL Injection
|
CVE-2008-6749
|
2017-09-29 10:33 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292966
|
- |
|
china-on-site
|
flexphpdirectory
|
Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a…
|
CWE-20
Improper Input Validation
|
CVE-2008-6750
|
2017-09-29 10:33 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292967
|
- |
|
revou
|
tclone
|
Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote attackers to execute arbitrary code by uploading a file with an executa…
|
CWE-20
Improper Input Validation
|
CVE-2008-6751
|
2017-09-29 10:33 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292968
|
- |
|
revou
|
revou
|
adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the admi…
|
CWE-20
Improper Input Validation
|
CVE-2008-6752
|
2017-09-29 10:33 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292969
|
- |
|
china-on-site
|
flexcustomer0.0.6
|
Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Da…
|
CWE-94
Code Injection
|
CVE-2008-6761
|
2017-09-29 10:33 |
2009-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292970
|
- |
|
hypersilence
|
silentum_loginsys
|
login2.php in Silentum LoginSys 1.0.0 allows remote attackers to bypass authentication and obtain access to an arbitrary account by setting the logged_in cookie to that account's username.
|
CWE-287
Improper Authentication
|
CVE-2008-6763
|
2017-09-29 10:33 |
2009-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
