|
297741
|
- |
|
tigran_abrahamyan
|
phpecho_cms
|
PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote attackers to execute arbitrary PHP code via a URL in unspecified vectors that modify the…
|
CWE-94
Code Injection
|
CVE-2008-7034
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297742
|
- |
|
phpraider
simple_machines
|
phpraider
|
Cross-site scripting (XSS) vulnerability in an unspecified component in Simple Machines phpRaider 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the resistance field. NOTE:…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7035
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297743
|
- |
|
e-xoops
bcoos
|
e-xoops
devtracker
bcoos
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7036
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297744
|
- |
|
itn
|
itn_news_gadget
|
The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for Windows Vista, and possibly other versions before 1.23, allows remote web servers or man-in-the-middle attackers to execute arbitra…
|
CWE-20
Improper Input Validation
|
CVE-2008-7037
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297745
|
- |
|
gelatocms
|
gelatocms
|
Cross-site scripting (XSS) vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7039
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297746
|
- |
|
yellowswordfish
|
simple_forum
|
SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. NOTE: this…
|
CWE-89
SQL Injection
|
CVE-2008-7040
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297747
|
- |
|
natterchat
|
natterchat
|
Multiple cross-site scripting (XSS) vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the (1) txtUsername parameter to registerDo.asp, as invoked fr…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7048
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297748
|
- |
|
raidsonic
|
icy_box_nas
|
userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allows remote attackers to bypass authentication and gain administrator privileges by setting the login parameter to admin. NOTE: the…
|
CWE-287
Improper Authentication
|
CVE-2008-7081
|
2017-08-17 10:29 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297749
|
- |
|
unica
|
affinium_campaign
|
Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) Page…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7092
|
2017-08-17 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297750
|
- |
|
unica
|
affinium_campaign
|
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new…
|
CWE-22
Path Traversal
|
CVE-2008-7093
|
2017-08-17 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
