|
297541
|
- |
|
softbizscripts
|
classifieds_script
|
Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz Classifieds Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6306
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297542
|
- |
|
softbizscripts
|
classifieds_script
|
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) radio parameter to showcategory.php, (2) ms…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6325
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297543
|
- |
|
simplecustomer
|
simple_customer
|
SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows remote attackers to execute arbitrary SQL commands via the email parameter. NOTE: the provenance of this …
|
CWE-89
SQL Injection
|
CVE-2008-6326
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297544
|
- |
|
streber-pm
|
streber
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Streber before 0.08093 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2008-6331
|
2017-08-17 10:29 |
2009-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297545
|
- |
|
impresscms
|
impresscms
|
Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in ImpressCMS 1.0.2 final allows remote attackers to inject arbitrary web script or HTML via the rank_tit…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6360
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297546
|
- |
|
chipmunk_scripts
|
chipmunk_guestbook
|
SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6368
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297547
|
- |
|
nagios
|
nagios
|
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service c…
|
CWE-94
Code Injection
|
CVE-2008-6373
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297548
|
- |
|
nexusjnr
|
jbook
|
JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6375
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297549
|
- |
|
nexusjnr
|
jbook
|
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter).
|
CWE-89
SQL Injection
|
CVE-2008-6376
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297550
|
- |
|
drupal
|
storm
|
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm proje…
|
CWE-89
SQL Injection
|
CVE-2008-6383
|
2017-08-17 10:29 |
2009-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
