|
293631
|
- |
|
aspapps
|
aspportal
|
Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp.
|
CWE-89
SQL Injection
|
CVE-2008-5605
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293632
|
- |
|
gazatem_technologies
|
qmail_mailing_list_manager
|
Gazatem QMail Mailing List Manager 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct reque…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5606
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293633
|
- |
|
joomitaly
|
jmovies
|
SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2008-5607
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293634
|
- |
|
aspapps
|
asp_autodealer
|
ASP AutoDealer stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for auto.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5608
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293635
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or …
|
CWE-352
Origin Validation Error
|
CVE-2008-5621
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293636
|
- |
|
dxmsoft
|
xm_easy_personal_ftp_server
|
XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via a crafted argument to the NLST command, as demonstrated by a -1 argument.
|
CWE-399
Resource Management Errors
|
CVE-2008-5626
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293637
|
- |
|
activewebsoftwares
|
active_trade
|
SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter (aka Email field) or the (2) password parameter. …
|
CWE-89
SQL Injection
|
CVE-2008-5627
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293638
|
- |
|
little_cms
|
little_cms
|
SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote attackers to execute arbitrary SQL commands via the term parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5628
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293639
|
- |
|
qualityunit
|
post_affiliate_pro
|
SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5630
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293640
|
- |
|
activewebsoftwares
|
active_ewebquiz
|
SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password para…
|
CWE-89
SQL Injection
|
CVE-2008-5631
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
