|
292941
|
- |
|
butterflymedia
|
butterfly_organizer
|
Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable p…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6700
|
2017-09-29 10:33 |
2009-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292942
|
- |
|
preprojects
|
pre_ads_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6715
|
2017-09-29 10:33 |
2009-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292943
|
- |
|
preprojects
|
pre_ads_portal
|
homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request.
|
CWE-287
Improper Authentication
|
CVE-2008-6716
|
2017-09-29 10:33 |
2009-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292944
|
- |
|
uochm
|
signup
|
U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct reques…
|
CWE-287
Improper Authentication
|
CVE-2008-6717
|
2017-09-29 10:33 |
2009-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292945
|
- |
|
uochm
|
justbookit
|
U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to…
|
CWE-287
Improper Authentication
|
CVE-2008-6718
|
2017-09-29 10:33 |
2009-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292946
|
- |
|
uochm
|
justlistit
|
U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via …
|
CWE-287
Improper Authentication
|
CVE-2008-6719
|
2017-09-29 10:33 |
2009-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292947
|
- |
|
deltascripts
|
php_links
|
SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin …
|
CWE-89
SQL Injection
|
CVE-2008-6720
|
2017-09-29 10:33 |
2009-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292948
|
- |
|
ajsquare
|
aj_article
|
SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field).
|
CWE-89
SQL Injection
|
CVE-2008-6721
|
2017-09-29 10:33 |
2009-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292949
|
- |
|
turnkeyforms
|
entertainment_portal
|
TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator.
|
CWE-287
Improper Authentication
|
CVE-2008-6723
|
2017-09-29 10:33 |
2009-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292950
|
- |
|
cmscout
|
cmscout
|
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (…
|
CWE-89
SQL Injection
|
CVE-2008-6725
|
2017-09-29 10:33 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
