|
298601
|
- |
|
blogphp
|
blogphp
|
BlogPHP 2.0 allows remote attackers to bypass authentication, and post (1) messages or (2) comments as an arbitrary user, via a modified blogphp_username field in a cookie.
|
CWE-287
Improper Authentication
|
CVE-2008-2524
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298602
|
- |
|
typo3
|
rlmp_eventdb
|
Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2525
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298603
|
- |
|
typo3
|
wt_gallery
|
Cross-site scripting (XSS) vulnerability in the WT Gallery (aka wt_gallery) extension 2.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2526
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298604
|
- |
|
citrix
|
access_gateway
|
Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network re…
|
NVD-CWE-noinfo
CWE-287
Improper Authentication
|
CVE-2008-2528
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298605
|
- |
|
buildanichestore3
|
bans
|
Cross-site scripting (XSS) vulnerability in the search script in Build A Niche Store (BANS) 3.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
CWE-352
Origin Validation Error
|
CVE-2008-2531
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298606
|
- |
|
sun
|
cluster
|
The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlying ufs filesystem is used, might allow local users to read data from arbitrary deleted files, or cor…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2539
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298607
|
- |
|
skype_technologies
|
skype
|
Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows user-assisted remote attackers to bypass warning dialogs an…
|
CWE-20
Improper Input Validation
|
CVE-2008-2545
|
2017-08-8 10:31 |
2008-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298608
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in the Web Services Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.17 has unknown impact and attack vectors related to an attribute in the SOA…
|
NVD-CWE-noinfo
|
CVE-2008-2550
|
2017-08-8 10:31 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298609
|
- |
|
slashcode.com
|
slash
|
Cross-site scripting (XSS) vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2553
|
2017-08-8 10:31 |
2008-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298610
|
- |
|
damian_frizza
|
borland_interbase
|
Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows remote attackers to execute arbitrary code via a malformed packet to TCP port 3050, which triggers a stack-based buffer overflow. NO…
|
CWE-189
Numeric Errors
|
CVE-2008-2559
|
2017-08-8 10:31 |
2008-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
