|
293131
|
- |
|
wordpress
|
wp_forum
|
SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the user parameter in a showprofile action to the default URI.
|
CWE-89
SQL Injection
|
CVE-2008-0388
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293132
|
- |
|
auracms
|
auracms
mod_block_statistik
|
stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.ph…
|
CWE-94
Code Injection
|
CVE-2008-0390
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293133
|
- |
|
alilg
|
alitalk
|
inc/elementz.php in aliTalk 1.9.1.1 does not properly verify authentication, which allows remote attackers to add an arbitrary user account via a modified lilil parameter, in conjunction with the ubi…
|
CWE-287
Improper Authentication
|
CVE-2008-0391
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293134
|
- |
|
microsoft
|
visual_basic
|
Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted remote attackers to execute arbitrary code via a .dsr file with a long (1) ConnectionName or (2) Com…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0392
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293135
|
- |
|
gradman
|
gradman
|
Directory traversal vulnerability in info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter, a different …
|
CWE-22
Path Traversal
|
CVE-2008-0393
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293136
|
- |
|
citadel
|
smtp
|
Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote attackers to execute arbitrary code via a long RCPT TO command, which is not properly handled by the makeuserkey function. NOTE:…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0394
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293137
|
- |
|
aflog.org
|
aflog
|
Multiple SQL injection vulnerabilities in aflog 1.01, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to comments.php and (2) an unspe…
|
CWE-89
SQL Injection
|
CVE-2008-0397
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293138
|
- |
|
aflog
|
aflog
|
Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0398
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293139
|
- |
|
toshiba
|
surveillix
|
Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0399
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293140
|
- |
|
invision_power_services
|
invision_gallery
|
SQL injection vulnerability in Invision Gallery 2.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in a rate command.
|
CWE-89
SQL Injection
|
CVE-2008-0421
|
2017-09-29 10:30 |
2008-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
