|
297611
|
- |
|
simplecustomer
|
simple_customer
|
SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows remote attackers to execute arbitrary SQL commands via the email parameter. NOTE: the provenance of this …
|
CWE-89
SQL Injection
|
CVE-2008-6326
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297612
|
- |
|
streber-pm
|
streber
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Streber before 0.08093 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2008-6331
|
2017-08-17 10:29 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297613
|
- |
|
impresscms
|
impresscms
|
Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in ImpressCMS 1.0.2 final allows remote attackers to inject arbitrary web script or HTML via the rank_tit…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6360
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297614
|
- |
|
chipmunk_scripts
|
chipmunk_guestbook
|
SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6368
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297615
|
- |
|
nagios
|
nagios
|
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service c…
|
CWE-94
Code Injection
|
CVE-2008-6373
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297616
|
- |
|
nexusjnr
|
jbook
|
JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6375
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297617
|
- |
|
nexusjnr
|
jbook
|
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter).
|
CWE-89
SQL Injection
|
CVE-2008-6376
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297618
|
- |
|
drupal
|
storm
|
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm proje…
|
CWE-89
SQL Injection
|
CVE-2008-6383
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297619
|
- |
|
drupal
|
storm
|
Per vendor advisory at: http://drupal.org/node/342246
"Versions Affected
* Versions of Storm for Drupal 5.x prior to 5.x-1.14
* Versions of Storm for Drupal 6.x prior to 6.x-1.18
Dr…
|
CWE-89
SQL Injection
|
CVE-2008-6383
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297620
|
- |
|
drupal
|
comment_mail
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Comment Mail 5.x before 5.x-1.1, a module for Drupal, allow remote attackers to hijack the authentication of administrators.
|
CWE-352
Origin Validation Error
|
CVE-2008-6384
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
