|
298661
|
- |
|
xigla
|
absolute_banner_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Banner Manager XE 2.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the text parameter in …
|
CWE-79
Cross-site Scripting
|
CVE-2008-2761
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298662
|
- |
|
xigla
|
absolute_form_processor_xe
|
SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2762
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298663
|
- |
|
xigla
|
absolute_live_support_xe
|
SQL injection vulnerability in search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2763
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298664
|
- |
|
xigla
|
absolute_live_support_xe
|
Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2764
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298665
|
- |
|
xigla
|
absolute_image_gallery_xe
|
SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action.
|
CWE-89
SQL Injection
|
CVE-2008-2765
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298666
|
- |
|
xigla
|
absolute_image_gallery_xe
|
Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Gallery XE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) admin/search.asp and (2) gall…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2766
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298667
|
- |
|
xigla
|
absolute_poll_manager_xe
|
SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2767
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298668
|
- |
|
xigla
|
absolute_poll_manager_xe
|
Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to inject arbitrary web script or HTML via u…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2768
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298669
|
- |
|
drupal
|
drupal
node_hierarchy_module
|
The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2771
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298670
|
- |
|
drupal
|
magic_tabs_module
|
The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."
|
CWE-94
Code Injection
|
CVE-2008-2772
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
