|
298211
|
- |
|
phpizabi
|
phpizabi
|
Attacker must have administrative access
In order to exploit this vulnerability to execute arbitrary code, the attacker would first be required to upload a malicious file or inject arbitrary comma…
|
CWE-22
Path Traversal
|
CVE-2008-3723
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298212
|
- |
|
papoo
|
papoo
|
SQL injection vulnerability in index.php in Papoo before 3.7.2 allows remote attackers to execute arbitrary SQL commands via the suchanzahl parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3724
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298213
|
- |
|
microworld_technologies
|
mailscan
|
Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3726
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298214
|
- |
|
microworld_technologies
|
mailscan
|
Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to determi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3728
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298215
|
- |
|
microworld_technologies
|
mailscan
|
Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication and obtain administrative access via a direct request with (1) an IsAdmin…
|
CWE-287
Improper Authentication
|
CVE-2008-3729
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298216
|
- |
|
nordicwind
|
noah
nordicwind_document_management_system
|
Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3730
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298217
|
- |
|
phpizabi
|
phpizabi
|
Cross-site scripting (XSS) vulnerability in index.php in PHPizabi before 848 Core HotFix Pack 3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a blogs.searc…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3735
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298218
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the a…
|
CWE-352
Origin Validation Error
|
CVE-2008-3736
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298219
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete fi…
|
CWE-94
Code Injection
|
CVE-2008-3737
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298220
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3739
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
