|
293221
|
- |
|
rianxosencabos_cms
|
rianxosencabos_cms
|
Rianxosencabos CMS 0.9 allows remote attackers to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
|
CWE-287
Improper Authentication
|
CVE-2008-4244
|
2017-09-29 10:32 |
2008-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293222
|
- |
|
rianxosencabos_cms
|
rianxosencabos_cms
|
The Admin Control Panel in Rianxosencabos CMS 0.9 does not require administrator privileges, which allows remote authenticated users to (1) change a user's privileges, (2) delete a user account, or p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4245
|
2017-09-29 10:32 |
2008-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293223
|
- |
|
microsoft
|
windows_mobile
|
Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote at…
|
CWE-20
Improper Input Validation
|
CVE-2008-4295
|
2017-09-29 10:32 |
2008-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293224
|
- |
|
redhat
|
enterprise_linux
enterprise_linux_desktop
|
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and sen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4313
|
2017-09-29 10:32 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293225
|
- |
|
redhat
|
enterprise_linux
enterprise_linux_desktop
|
tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier f…
|
NVD-CWE-Other
|
CVE-2008-4315
|
2017-09-29 10:32 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293226
|
- |
|
project-observer
|
observer
|
Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
|
CWE-20
Improper Input Validation
|
CVE-2008-4318
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293227
|
- |
|
libra_file_manager
|
php_filemanager
|
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrar…
|
CWE-287
Improper Authentication
|
CVE-2008-4319
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293228
|
- |
|
flashget
|
flashget_ftp
|
Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4321
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293229
|
- |
|
microsoft
|
windows_xp
|
Windows Explorer in Microsoft Windows XP SP3 allows user-assisted attackers to cause a denial of service (application crash) via a crafted .ZIP file.
|
NVD-CWE-noinfo
|
CVE-2008-4323
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293230
|
- |
|
openengine
|
openengine
|
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter.
|
CWE-20
Improper Input Validation
|
CVE-2008-4329
|
2017-09-29 10:32 |
2008-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
