|
298161
|
- |
|
knowledgetree_document_management
|
knowledgetree_document_management
|
The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests.
|
NVD-CWE-Other
|
CVE-2008-5857
|
2017-08-8 10:33 |
2009-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298162
|
- |
|
knowledgetree_document_management
|
knowledgetree_document_management
|
Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-20…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5858
|
2017-08-8 10:33 |
2009-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298163
|
- |
|
yerba
|
yerba
|
Directory traversal vulnerability in Yerba SACphp 6.3 allows remote attackers to read arbitrary files, and possibly have other impact, via directory traversal sequences in the mod field contained in …
|
CWE-22
Path Traversal
|
CVE-2008-5867
|
2017-08-8 10:33 |
2009-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298164
|
- |
|
nortel
|
multimedia_communication_server_5100
|
Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the sno…
|
CWE-255
Credentials Management
|
CVE-2008-5871
|
2017-08-8 10:33 |
2009-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298165
|
- |
|
nortel
|
multimedia_communication_server_5100
|
Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP Client Manager (IPCM) in Nortel Multimedia Communication Server (MSC) 5100 3.0.13 allow remote attac…
|
CWE-20
Improper Input Validation
|
CVE-2008-5872
|
2017-08-8 10:33 |
2009-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298166
|
- |
|
irrlicht
|
irrlicht
|
Buffer overflow in Irrlicht before 1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors in the B3D loader.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5876
|
2017-08-8 10:33 |
2009-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298167
|
- |
|
xrdp
|
xrdp
|
Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the edit_po…
|
CWE-189
Numeric Errors
|
CVE-2008-5903
|
2017-08-8 10:33 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298168
|
- |
|
xrdp
|
xrdp
|
The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain lengt…
|
CWE-20
Improper Input Validation
|
CVE-2008-5904
|
2017-08-8 10:33 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298169
|
- |
|
ktorrent
|
ktorrent
|
The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5905
|
2017-08-8 10:33 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298170
|
- |
|
ktorrent
|
ktorrent
|
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.
|
CWE-20
Improper Input Validation
|
CVE-2008-5906
|
2017-08-8 10:33 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
