|
297771
|
- |
|
humayun_shabbir_bhutta
|
asp_product_catalog
|
SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.
|
CWE-89
SQL Injection
|
CVE-2008-6875
|
2017-08-17 10:29 |
2009-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297772
|
- |
|
editeurscripts
|
espartenaires
|
Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the EsContacts 1.0 issue is cov…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6876
|
2017-08-17 10:29 |
2009-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297773
|
- |
|
rsa
|
envision
|
RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6886
|
2017-08-17 10:29 |
2009-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297774
|
- |
|
preprojects
|
pre_classified_listings
|
SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6887
|
2017-08-17 10:29 |
2009-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297775
|
- |
|
preprojects
|
pre_classified_listings
|
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings 1.0 allows remote attackers to inject arbitrary web script or HTML via the address parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6888
|
2017-08-17 10:29 |
2009-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297776
|
- |
|
codetoad
|
asp_forum_script
|
SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6890
|
2017-08-17 10:29 |
2009-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297777
|
- |
|
codetoad
|
asp_forum_script
|
Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum Script allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter to (a) new_message.asp and (b) mes…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6891
|
2017-08-17 10:29 |
2009-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297778
|
- |
|
3cx
|
phone_system
|
Multiple cross-site scripting (XSS) vulnerabilities in login.php in 3CX Phone System Free Edition 6.1793 and 6.0.806.0 allow remote attackers to inject arbitrary web script or HTML via the (1) fName …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6894
|
2017-08-17 10:29 |
2009-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297779
|
- |
|
3cx
|
phone_system
|
3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service or crash) via unspecified vectors, as demonstrated by vulnerability scans from Nessus or SAINT.
|
NVD-CWE-noinfo
|
CVE-2008-6895
|
2017-08-17 10:29 |
2009-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297780
|
- |
|
3cx
|
phone_system
|
login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is reached, allows remote attackers to gain sensitive information via unspecified vectors that reveal the installation path.
|
CWE-200
Information Exposure
|
CVE-2008-6896
|
2017-08-17 10:29 |
2009-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
