|
294421
|
- |
|
zero_cms
|
zero_cms
|
Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/ind…
|
CWE-89
SQL Injection
|
CVE-2008-0232
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294422
|
- |
|
zero_cms
|
zero_cms
|
Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar f…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0233
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294423
|
- |
|
microsoft
|
vfp_ole_server_activex_control
|
The Microsoft VFP_OLE_Server ActiveX control allows remote attackers to execute arbitrary code by invoking the foxcommand method.
|
CWE-94
Code Injection
|
CVE-2008-0235
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294424
|
- |
|
microsoft
|
visual_foxpro
|
An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) allows remote attackers to execute arbitrary commands by invoking the DoCmd method.
|
NVD-CWE-Other
|
CVE-2008-0236
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294425
|
- |
|
microsoft
|
rich_textbox_control
|
The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 allows remote attackers to execute arbitrary commands by invoking the insecure SaveFile method.
|
CWE-20
Improper Input Validation
|
CVE-2008-0237
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294426
|
- |
|
sun
|
solaris
|
Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions.
|
NVD-CWE-noinfo
|
CVE-2008-0242
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294427
|
- |
|
uploadscript
|
uploadimage
uploadscript
|
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0245
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294428
|
- |
|
uploadscript
|
uploadimage
uploadscript
|
admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0246
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294429
|
- |
|
streamaudio
|
chaincast_proxymanager_activex_control
|
Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0248
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294430
|
- |
|
microsoft
|
visual_interdev
|
Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long Project line.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0250
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
