|
297721
|
- |
|
mediawiki
|
mediawiki
|
Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation…
|
CWE-200
Information Exposure
|
CVE-2008-1318
|
2017-08-8 10:30 |
2008-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297722
|
- |
|
gallarific
|
gallarific
|
Cross-site scripting (XSS) vulnerability in search.php in Gallarific allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: the provenance of this information …
|
CWE-79
Cross-site Scripting
|
CVE-2008-1326
|
2017-08-8 10:30 |
2008-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297723
|
- |
|
novell
|
groupwise
|
Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5 before SP6 Update 3 allows remote authenticated users to access the non-shared stored e-mail messages of a…
|
NVD-CWE-noinfo
CWE-200
CWE-264
Information Exposure
Permissions, Privileges, and Access Controls
|
CVE-2008-1330
|
2017-08-8 10:30 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297724
|
- |
|
sco
|
unixware
|
Directory traversal vulnerability in (1) pkgadd and (2) pkgrm in SCO UnixWare 7.1.4 allows local users to gain privileges via unknown vectors.
|
CWE-22
Path Traversal
|
CVE-2008-1343
|
2017-08-8 10:30 |
2008-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297725
|
- |
|
advanced_data_solutions
|
virtual_support_office_xp
|
SQL injection vulnerability in MyIssuesView.asp in Advanced Data Solutions Virtual Support Office-XP (VSO-XP) allows remote attackers to execute arbitrary SQL commands via the Issue_ID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1354
|
2017-08-8 10:30 |
2008-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297726
|
- |
|
jeeblestechnology
|
jeebles_directory
|
Cross-site scripting (XSS) vulnerability in index.php in Jeebles Technology Jeebles Directory 2.9.60 allows remote attackers to inject arbitrary web script or HTML via the path parameter. NOTE: the …
|
CWE-79
Cross-site Scripting
|
CVE-2008-1355
|
2017-08-8 10:30 |
2008-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297727
|
- |
|
sun
|
solaris
|
Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors t…
|
CWE-287
Improper Authentication
|
CVE-2008-1356
|
2017-08-8 10:30 |
2008-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297728
|
- |
|
invision_power_services
|
invision_power_board
|
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 before 2008-03-13 allows remote attackers to inject arbitrary web script or HTML via nested BBCodes, a differe…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1359
|
2017-08-8 10:30 |
2008-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297729
|
- |
|
nagios
|
nagios
|
Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CV…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1360
|
2017-08-8 10:30 |
2008-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297730
|
- |
|
wildmary
|
yap_blog
|
PHP remote file inclusion vulnerability in index.php in wildmary Yap Blog 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this info…
|
CWE-94
Code Injection
|
CVE-2008-1370
|
2017-08-8 10:30 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
