|
298301
|
- |
|
lussumo
|
vanilla
|
Cross-site request forgery (CSRF) vulnerability in the sign-out page in Vanilla 1.1.4 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a l…
|
CWE-352
Origin Validation Error
|
CVE-2008-3760
|
2017-08-8 10:32 |
2008-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298302
|
- |
|
realtime_internet_band_rehearsal
|
low_latency_internet_connection_tool
|
Realtime Internet Band Rehearsal Low-Latency (Internet) Connection tool (llcon) before 2.1.2 allows remote attackers to cause a denial of service (application crash) via malformed protocol messages.
|
CWE-20
Improper Input Validation
|
CVE-2008-3766
|
2017-08-8 10:32 |
2008-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298303
|
- |
|
vbulletin
|
vbulletin
|
Cross-site scripting (XSS) vulnerability in vBulletin 3.7.2 PL1 and 3.6.10 PL3, when "Show New Private Message Notification Pop-Up" is enabled, allows remote authenticated users to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3773
|
2017-08-8 10:32 |
2008-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298304
|
- |
|
simasy
|
simasy_cms
|
SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3774
|
2017-08-8 10:32 |
2008-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298305
|
- |
|
fujitsu
|
web_based_admin_view
|
Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
|
CWE-22
Path Traversal
|
CVE-2008-3776
|
2017-08-8 10:32 |
2008-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298306
|
- |
|
avaya
|
sip_enablement_services
communication_manager
|
The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm a…
|
CWE-200
Information Exposure
|
CVE-2008-3777
|
2017-08-8 10:32 |
2008-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298307
|
- |
|
avaya
|
sip_enablement_services
communication_manager
|
The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core rou…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3778
|
2017-08-8 10:32 |
2008-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298308
|
- |
|
gmod
|
gbrowse
|
Cross-site scripting (XSS) vulnerability in GMOD GBrowse before 1.69 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3781
|
2017-08-8 10:32 |
2008-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298309
|
- |
|
discountedscripts
|
acg_ptp
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in ACG-PTP 1.0.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) Category name fiel…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3782
|
2017-08-8 10:32 |
2008-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298310
|
- |
|
picturespro
|
picturespro_photo_cart
|
Cross-site scripting (XSS) vulnerability in index.php in PICTURESPRO Photo Cart 3.9 allows remote attackers to inject arbitrary web script or HTML via the qtitle parameter (aka "Gallery or event name…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3786
|
2017-08-8 10:32 |
2008-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
