|
297911
|
- |
|
encaps
|
encapsgallery
|
Unrestricted file upload vulnerability in the file_upload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files b…
|
CWE-20
Improper Input Validation
|
CVE-2008-1988
|
2017-08-8 10:30 |
2008-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297912
|
- |
|
ahmed_abdel-hamid_mohamed
|
acon
|
Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and (c) child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via (1) a long HOME environment variable o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1994
|
2017-08-8 10:30 |
2008-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297913
|
- |
|
licq
|
licq
|
licq before 1.3.6 allows remote attackers to cause a denial of service (file-descriptor exhaustion and application crash) via a large number of connections.
|
CWE-399
Resource Management Errors
|
CVE-2008-1996
|
2017-08-8 10:30 |
2008-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297914
|
- |
|
licq
|
licq
|
More information located: http://www.securityfocus.com/bid/28679/info
|
CWE-399
Resource Management Errors
|
CVE-2008-1996
|
2017-08-8 10:30 |
2008-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297915
|
- |
|
national_rail_enquiries
|
national_rail_enquiries_live_departure_boards
|
Cross-site scripting (XSS) vulnerability in the National Rail Enquiries Live Departure Boards gadget before 1.1 allows remote National Rail Enquiries servers or man-in-the-middle attackers to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2008-2011
|
2017-08-8 10:30 |
2008-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297916
|
- |
|
lhaplus
|
lhaplus
|
Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2021
|
2017-08-8 10:30 |
2008-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297917
|
- |
|
f5
|
firepass_4100
firepass_ssl_vpn
|
Cross-site scripting (XSS) vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2030
|
2017-08-8 10:30 |
2008-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297918
|
- |
|
vicftps
|
vicftps
|
VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a crafted LIST command, which triggers a NULL pointer dereference. NOTE: the provenance of this information is unknown; t…
|
CWE-20
Improper Input Validation
|
CVE-2008-2031
|
2017-08-8 10:30 |
2008-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297919
|
- |
|
acritum
|
femitter_server
|
The FTP service in Acritum Femitter Server 1.03 allows remote attackers to cause a denial of service (crash) by sending multiple crafted RETR commands. NOTE: the provenance of this information is un…
|
CWE-20
Improper Input Validation
|
CVE-2008-2032
|
2017-08-8 10:30 |
2008-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297920
|
- |
|
wordpress
|
download_monitor_plugin
|
SQL injection vulnerability in wp-download_monitor/download.php in the Download Monitor 2.0.6 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. NOT…
|
CWE-89
SQL Injection
|
CVE-2008-2034
|
2017-08-8 10:30 |
2008-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
