|
292941
|
- |
|
fuzzylime
|
fuzzylime_\(cms\)
|
Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for …
|
CWE-22
Path Traversal
|
CVE-2008-6833
|
2017-09-29 10:33 |
2009-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292942
|
- |
|
fuzzylime
|
fuzzylime_\(cms\)
|
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/co…
|
CWE-22
Path Traversal
|
CVE-2008-6834
|
2017-09-29 10:33 |
2009-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292943
|
- |
|
gmitc
|
com_dbquery
|
PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to e…
|
CWE-94
Code Injection
|
CVE-2008-6841
|
2017-09-29 10:33 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292944
|
- |
|
pluck-cms
|
pluck
|
Directory traversal vulnerability in data/modules/blog/module_pages_site.php in Pluck 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the post paramet…
|
CWE-22
Path Traversal
|
CVE-2008-6842
|
2017-09-29 10:33 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292945
|
- |
|
ez
|
ez_publish
|
The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6844
|
2017-09-29 10:33 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292946
|
- |
|
w2b
|
phpgreetcards
|
Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to inject arbitrary web script or HTML via the category parameter in a select action.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6848
|
2017-09-29 10:33 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292947
|
- |
|
w2b
|
phpgreetcards
|
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via …
|
CWE-94
Code Injection
|
CVE-2008-6849
|
2017-09-29 10:33 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292948
|
- |
|
php_link_directory
|
php_link_directory
|
SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands…
|
CWE-89
SQL Injection
|
CVE-2008-6851
|
2017-09-29 10:33 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292949
|
- |
|
joomla
markus_donhauser
|
joomla\!
ice_gallery_component_for_joomla
|
SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2008-6852
|
2017-09-29 10:33 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292950
|
- |
|
netcat
|
netcat
|
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6853
|
2017-09-29 10:33 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
