|
298261
|
- |
|
ibm
|
lotus_quickr
|
Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3860
|
2017-08-8 10:32 |
2008-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298262
|
- |
|
trend_micro
|
internet_security_2007
internet_security_2008
officescan
|
The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 200…
|
CWE-287
Improper Authentication
|
CVE-2008-3866
|
2017-08-8 10:32 |
2009-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298263
|
- |
|
adobe
|
flash_player
|
The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to populate the clipboard with a URL that is difficult to delete and does not requir…
|
NVD-CWE-Other
|
CVE-2008-3873
|
2017-08-8 10:32 |
2008-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298264
|
- |
|
caudium
|
caudium
|
configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file.
|
CWE-59
Link Following
|
CVE-2008-3883
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298265
|
- |
|
blogn
|
blogn
|
Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN) 1.9.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2006-…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3884
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298266
|
- |
|
blogn
|
blogn
|
Cross-site request forgery (CSRF) vulnerability in Blogn (BURO GUN) 1.9.7 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make content modificati…
|
CWE-352
Origin Validation Error
|
CVE-2008-3885
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298267
|
- |
|
dotproject
|
dotproject
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in dotProject 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the inactive parameter in a tasks action, (2…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3886
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298268
|
- |
|
dotproject
|
dotproject
|
Multiple SQL injection vulnerabilities in index.php in dotProject 2.1.2 allow (1) remote authenticated users to execute arbitrary SQL commands via the tab parameter in a projects action, and (2) remo…
|
CWE-89
SQL Injection
|
CVE-2008-3887
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298269
|
- |
|
dotproject
|
dotproject
|
http://secunia.com/advisories/31681:
"Successful exploitation of this vulnerability allows e.g. retrieval of administrator usernames and password hashes, but requires valid user credentials."
…
|
CWE-89
SQL Injection
|
CVE-2008-3887
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298270
|
- |
|
freebsd
|
freebsd
|
The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3890
|
2017-08-8 10:32 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
