|
289051
|
- |
|
aspindir
|
shibby_shop
|
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2872
|
2017-10-19 10:30 |
2008-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289052
|
- |
|
aspindir
|
shibby_shop
|
sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2873
|
2017-10-19 10:30 |
2008-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289053
|
- |
|
aspindir
|
shibby_shop
|
upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2882
|
2017-10-19 10:30 |
2008-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289054
|
- |
|
chaozzatwork
|
fubarforum
|
Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
|
CWE-22
Path Traversal
|
CVE-2008-2887
|
2017-10-19 10:30 |
2008-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289055
|
- |
|
offl
|
online_fantasy_football_league
|
Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.ph…
|
CWE-89
SQL Injection
|
CVE-2008-2890
|
2017-10-19 10:30 |
2008-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289056
|
- |
|
aprox
|
aproxengine
|
Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
|
CWE-22
Path Traversal
|
CVE-2008-2895
|
2017-10-19 10:30 |
2008-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289057
|
- |
|
clever_copy
|
clever_copy
|
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2909
|
2017-10-19 10:30 |
2008-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289058
|
- |
|
kblance
|
kblance
|
SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action.
|
CWE-89
SQL Injection
|
CVE-2008-2972
|
2017-10-19 10:30 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289059
|
- |
|
simple_php_agenda
|
simple_php_agenda
|
Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
|
CWE-22
Path Traversal
|
CVE-2008-3031
|
2017-10-19 10:30 |
2008-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289060
|
- |
|
mole_group
|
lastminute_script
|
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3125
|
2017-10-19 10:30 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
