|
297681
|
- |
|
drupal
|
suggested_terms_module
|
Cross-site scripting (XSS) vulnerability in the Suggested Terms module 5.x before 5.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via crafted Taxonomy term…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3500
|
2017-08-8 10:31 |
2008-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297682
|
- |
|
novell
|
groupwise
|
Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3501
|
2017-08-8 10:31 |
2008-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297683
|
- |
|
bestpractical
|
rt
|
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service (CPU or memory consumption) via unspecified vectors related…
|
NVD-CWE-noinfo
|
CVE-2008-3502
|
2017-08-8 10:31 |
2008-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297684
|
- |
|
webgui
|
plain_black_webgui
|
RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration System (CS) RSS feeds, which allows remote attackers to obtain sensitive information (CS data).
|
CWE-287
Improper Authentication
|
CVE-2008-3503
|
2017-08-8 10:31 |
2008-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297685
|
- |
|
mpfm
|
mask_php_file_manager
|
Unspecified vulnerability in mask PHP File Manager (mPFM) before 2.3 has unknown impact and remote attack vectors related to "manipulation of cookies."
|
CWE-287
Improper Authentication
|
CVE-2008-3504
|
2017-08-8 10:31 |
2008-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297686
|
- |
|
crafty_syntax_live_help
|
crafty_syntax_live_help
|
Cross-site scripting (XSS) vulnerability in livehelp_js.php in Crafty Syntax Live Help (CSLH) 2.14.6 allows remote attackers to inject arbitrary web script or HTML via the department parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3510
|
2017-08-8 10:31 |
2008-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297687
|
- |
|
softbiz
|
image_gallery
|
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image Gallery (Photo Gallery) allow remote attackers to inject arbitrary web script or HTML via the (1) latest parameter to (a) index.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3511
|
2017-08-8 10:31 |
2008-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297688
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment …
|
CWE-16
Configuration
|
CVE-2008-3519
|
2017-08-8 10:31 |
2008-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297689
|
- |
|
redhat
jasper_project
|
enterprise_virtualization
jasper
|
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3522
|
2017-08-8 10:31 |
2008-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297690
|
- |
|
redhat
|
fedora
initscripts
|
rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /va…
|
CWE-59
Link Following
|
CVE-2008-3524
|
2017-08-8 10:31 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
