|
297631
|
- |
|
grafxsoftware
|
minicwb
|
Multiple cross-site scripting (XSS) vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php in GraFX miniCWB 2.1.1 and earlier allow remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6620
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297632
|
- |
|
typo3
|
wt_gallery
|
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vecto…
|
CWE-22
Path Traversal
|
CVE-2008-6630
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297633
|
- |
|
blogphp
|
blogphp
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter in a sendmessage action and th…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6631
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297634
|
- |
|
libraryvideocompany
|
safari_montage
|
Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) school and …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6637
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297635
|
- |
|
ajaxplorer
|
ajaxplorer
|
Cross-site request forgery (CSRF) vulnerability in admin.php in AjaXplorer 2.3.3 and 2.3.4 allows remote attackers to hijack the authentication of administrators for requests that modify passwords vi…
|
CWE-352
Origin Validation Error
|
CVE-2008-6639
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297636
|
- |
|
aspindir
|
batmanportal
|
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of t…
|
CWE-89
SQL Injection
|
CVE-2008-6640
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297637
|
- |
|
structum
|
infobiz_server
|
Cross-site scripting (XSS) vulnerability in search_results.php in InfoBiz Server allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6654
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297638
|
- |
|
comscripts
|
gedcom_to_mysl
|
Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6655
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297639
|
- |
|
vertex4
|
sunage
|
Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet to UDP port 27960.
|
CWE-189
Numeric Errors
|
CVE-2008-6670
|
2017-08-17 10:29 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297640
|
- |
|
vertex4
|
sunage
|
Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted join packet to UDP port 27960.
|
CWE-189
Numeric Errors
|
CVE-2008-6671
|
2017-08-17 10:29 |
2009-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
