|
293261
|
- |
|
reality
|
medias_phpizabi
|
Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0805
|
2017-09-29 10:30 |
2008-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293262
|
- |
|
lookstrike
|
lan_manager
|
Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan Manager 0.9 allow remote attackers to execute arbitrary PHP code via a URL in the sys_conf[path][real] parameter to (1) modules\cl…
|
CWE-94
Code Injection
|
CVE-2008-0803
|
2017-09-29 10:30 |
2008-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293263
|
- |
|
auracms
|
auracms
|
Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query par…
|
CWE-89
SQL Injection
|
CVE-2008-0811
|
2017-09-29 10:30 |
2008-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293264
|
- |
|
xpweb
|
xpweb
|
Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
|
CWE-22
Path Traversal
|
CVE-2008-0813
|
2017-09-29 10:30 |
2008-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293265
|
- |
|
truc
|
truc
|
Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the upload_filename paramete…
|
CWE-22
Path Traversal
|
CVE-2008-0814
|
2017-09-29 10:30 |
2008-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293266
|
- |
|
freephpgallery
|
freephpgallery
|
Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie to (1) comment.php, (2) in…
|
CWE-22
Path Traversal
|
CVE-2008-0818
|
2017-09-29 10:30 |
2008-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293267
|
- |
|
osi_codes_inc.
|
phplive
|
SQL injection vulnerability in admin/traffic/knowledge_searchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expand_q…
|
CWE-89
SQL Injection
|
CVE-2008-0821
|
2017-09-29 10:30 |
2008-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293268
|
- |
|
phpnuke
|
book
|
SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-0827
|
2017-09-29 10:30 |
2008-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293269
|
- |
|
joomla
joomlapixel
mambo
|
joomla
jooget
mambo
|
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter …
|
CWE-89
SQL Injection
|
CVE-2008-0829
|
2017-09-29 10:30 |
2008-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293270
|
- |
|
apple
|
iphoto
|
The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043.
|
CWE-20
Improper Input Validation
|
CVE-2008-0830
|
2017-09-29 10:30 |
2008-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
