|
297731
|
- |
|
drake_team
|
drake_cms
|
Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote attackers to read and execute arbitrary files via a full pathname in the d_root parameter. NOTE: the …
|
CWE-22
Path Traversal
|
CVE-2008-1371
|
2017-08-8 10:30 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297732
|
- |
|
drake_team
|
drake_cms
|
CVE description identifies vulnerability as remote attacker, but both links describe vulnerability as local-file inclusion.
|
CWE-22
Path Traversal
|
CVE-2008-1371
|
2017-08-8 10:30 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297733
|
- |
|
zoneminder
|
zoneminder
|
ZoneMinder before 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL.
|
CWE-94
Code Injection
|
CVE-2008-1381
|
2017-08-8 10:30 |
2008-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297734
|
- |
|
zoneminder
|
zoneminder
|
The following link contains patch information: http://www.zoneminder.com/wiki/index.php/1.23.2_Patches
|
CWE-94
Code Injection
|
CVE-2008-1381
|
2017-08-8 10:30 |
2008-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297735
|
- |
|
gentoo
|
linux
|
The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and cause…
|
CWE-310
Cryptographic Issues
|
CVE-2008-1383
|
2017-08-8 10:30 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297736
|
- |
|
checkpoint
|
check_point_vpn-1_pro
vpn-1
vpn-1_firewall-1
vpn-1_power_utm
vpn-1_power_utm_with_ngx
|
Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept n…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1397
|
2017-08-8 10:30 |
2008-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297737
|
- |
|
clansphere
|
clansphere
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Clansphere 2008 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the provenance of thi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1399
|
2017-08-8 10:30 |
2008-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297738
|
- |
|
f-secure
|
f-secure_anti-virus
f-secure_anti-virus_client_security
f-secure_anti-virus_for_linux
f-secure_anti-virus_for_workstations
f-secure_anti-virus_linux_client_security
f-secure_client_sec…
|
Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitra…
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2008-1412
|
2017-08-8 10:30 |
2008-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297739
|
- |
|
axyl
|
axyl
|
The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the axyl.conf temporary file.
|
CWE-59
Link Following
|
CVE-2008-1417
|
2017-08-8 10:30 |
2008-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297740
|
- |
|
drupal
|
ubercart_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x before 5.x-1.0-beta7 module for Drupal allow remote attackers to inject arbitrary web script or HTML via a text attribute value…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1428
|
2017-08-8 10:30 |
2008-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
