|
297771
|
- |
|
icq
|
icq_toolbar
|
toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the IsChecked method, a different vector than CVE-2008-7136.
|
CWE-20
Improper Input Validation
|
CVE-2008-7135
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297772
|
- |
|
alexguestbook
|
\@lex_guestbook
|
Multiple cross-site scripting (XSS) vulnerabilities in @lex Guestbook 4.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) language_setup parameter to setup.php…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7140
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297773
|
- |
|
alexphpteam
|
\@lex_poll
|
Cross-site scripting (XSS) vulnerability in setup.php in @lex Poll 2.1 allows remote attackers to inject arbitrary web script or HTML via the language_setup parameter. NOTE: the provenance of this i…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7141
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297774
|
- |
|
rarlab
|
winrar
|
Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (…
|
NVD-CWE-noinfo
|
CVE-2008-7144
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297775
|
- |
|
ber_kessels
|
refine_by_taxo
|
Cross-site scripting (XSS) vulnerability in Refine by Taxonomy 5.x before 5.x-0.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a taxonomy term, which is no…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7150
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297776
|
- |
|
gurpartap_singh
|
live
|
Cross-site request forgery (CSRF) vulnerability in Live 5.x before 5.x-0.1, a module for Drupal, allows remote attackers to hijack the authentication of unspecified privileged users for requests that…
|
CWE-352
Origin Validation Error
|
CVE-2008-7151
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297777
|
- |
|
simon_rycroft
|
sid
|
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir parame…
|
CWE-94
Code Injection
|
CVE-2008-7152
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297778
|
- |
|
phprisk
|
netrisk
|
NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote attackers to change the password of arbitrary users via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7155
|
2017-08-17 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297779
|
- |
|
numarasoftware
|
footprints
|
Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) transcriptFile parameter to MRcgi/MRchat.pl or (2) …
|
CWE-78
OS Command
|
CVE-2008-7158
|
2017-08-17 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297780
|
- |
|
silcnet
|
silc_toolkit
|
The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly ex…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2008-7159
|
2017-08-17 10:29 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
