|
297591
|
- |
|
codetoad
|
asp_shopping_cart_script
|
Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6500
|
2017-08-17 10:29 |
2009-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297592
|
- |
|
opensymphony
apache
|
xwork
struts
|
ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context obj…
|
CWE-20
Improper Input Validation
|
CVE-2008-6504
|
2017-08-17 10:29 |
2009-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297593
|
- |
|
phpbb
|
phpbb
|
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6506
|
2017-08-17 10:29 |
2009-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297594
|
- |
|
google
|
gears
|
Cross-domain vulnerability in the WorkerPool API in Google Gears before 0.5.4.2 allows remote attackers to bypass the Same Origin Policy and the intended access restrictions of the allowCrossOrigin f…
|
NVD-CWE-Other
|
CVE-2008-6512
|
2017-08-17 10:29 |
2009-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297595
|
- |
|
vclcomponents
|
yappa-ng
|
Cross-site scripting (XSS) vulnerability in Fritz Berger yet another php photo album - next generation (yappa-ng) allows remote attackers to inject arbitrary web script or HTML via the query string t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6515
|
2017-08-17 10:29 |
2009-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297596
|
- |
|
phpkf
|
phpkf-portal
|
Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_aya…
|
CWE-22
Path Traversal
|
CVE-2008-6516
|
2017-08-17 10:29 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297597
|
- |
|
imatix
|
xitami
|
Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly other versions, allow remote attackers to cause a denial of service (daemon crash) and possibly execu…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2008-6520
|
2017-08-17 10:29 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297598
|
- |
|
drupal
|
drupal
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the update feature in Drupal 5.x before 5.13 and 6.x before 6.7 allow remote attackers to perform unauthorized actions as the superuser v…
|
CWE-352
Origin Validation Error
|
CVE-2008-6532
|
2017-08-17 10:29 |
2009-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297599
|
- |
|
drupal
|
drupal
|
Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related content when an input format is deleted, which prevents the content from being properly filtered and allows remote attackers to c…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6533
|
2017-08-17 10:29 |
2009-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297600
|
- |
|
7-zip
|
7-zip
|
Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and remote attack vectors, as demonstrated by the PROTOS GENOME test suite for Archive Formats (c10).
|
NVD-CWE-noinfo
|
CVE-2008-6536
|
2017-08-17 10:29 |
2009-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
