|
297531
|
- |
|
myktools
|
myktools
|
Directory traversal vulnerability in configuration_script.php in MyKtools 3.0 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the langage…
|
CWE-22
Path Traversal
|
CVE-2008-6273
|
2017-08-17 10:29 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297532
|
- |
|
drupal
|
user_karma_module
|
Cross-site scripting (XSS) vulnerability in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6275
|
2017-08-17 10:29 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297533
|
- |
|
drupal
|
user_karma_module
|
Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allow remote authenticated administrators to execute arbitrary S…
|
CWE-89
SQL Injection
|
CVE-2008-6276
|
2017-08-17 10:29 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297534
|
- |
|
cisco
|
wrt160n
|
Cross-site scripting (XSS) vulnerability in apply.cgi on the Linksys WRT160N allows remote attackers to inject arbitrary web script or HTML via the action parameter in a DHCP_Static operation.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6280
|
2017-08-17 10:29 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297535
|
- |
|
subtextproject
|
subtext
|
Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote attackers to inject arbitrary web script or HTML via a comment, related to "the feature which converts URLs to anchor tags."
|
CWE-79
Cross-site Scripting
|
CVE-2008-6283
|
2017-08-17 10:29 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297536
|
- |
|
camera_life
|
camera_life
|
Multiple cross-site scripting (XSS) vulnerabilities in Camera Life 2.6.2b8 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.php and (2) rss.php; the que…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6295
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297537
|
- |
|
dhcart
|
dhcart
|
Cross-site scripting (XSS) vulnerability in order.php in DHCart allows remote attackers to inject arbitrary web script or HTML via the (1) domain and (2) d1 parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6297
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297538
|
- |
|
rocketeer.dip
|
sisapilocation
|
Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intended access restrictions for character encoding and the cookie secure flag via unknown vectors related…
|
CWE-20
Improper Input Validation
|
CVE-2008-6298
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297539
|
- |
|
joomla
|
joomla
|
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6299
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297540
|
- |
|
gwm
|
galatolo_webmanager
|
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the (1) gwm_user and (2) gwm_pass cookies to admin. NOTE: the provenance of this i…
|
CWE-287
Improper Authentication
|
CVE-2008-6300
|
2017-08-17 10:29 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
