|
298451
|
- |
|
proftpd_project
|
proftpd
|
ProFTPD 1.3.1 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands v…
|
CWE-352
Origin Validation Error
|
CVE-2008-4242
|
2017-08-8 10:32 |
2008-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298452
|
- |
|
ibm
|
websphere_application_server
|
CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x versions allows remote attackers to inject arbitrary HTTP headers and c…
|
CWE-20
Improper Input Validation
|
CVE-2008-4283
|
2017-08-8 10:32 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298453
|
- |
|
ibm
|
websphere_application_server
|
Open redirect vulnerability in the ibm_security_logout servlet in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.x versions, 6.0.x before 6.0.2.33, and 6.1.x before 6.1.0.23 allows rem…
|
CWE-59
Link Following
|
CVE-2008-4284
|
2017-08-8 10:32 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298454
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in the Performance Monitoring Infrastructure (PMI) feature in the Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19, whe…
|
CWE-399
Resource Management Errors
|
CVE-2008-4285
|
2017-08-8 10:32 |
2009-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298455
|
- |
|
opera
|
opera_browser
|
Opera before 9.52 does not check the CRL override upon encountering a certificate that lacks a CRL, which has unknown impact and attack vectors. NOTE: it is not clear whether this is a vulnerability…
|
NVD-CWE-noinfo
CWE-255
Credentials Management
|
CVE-2008-4292
|
2017-08-8 10:32 |
2008-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298456
|
- |
|
opera
|
opera
|
Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via …
|
NVD-CWE-noinfo
|
CVE-2008-4293
|
2017-08-8 10:32 |
2008-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298457
|
- |
|
ibm
|
tivoli_netcool_webtop
|
IBM Tivoli Netcool/Webtop 2.1 before 2.1.0.5 preserves cached user privileges after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation, as d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4294
|
2017-08-8 10:32 |
2008-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298458
|
- |
|
php-collab
|
php-collab
|
Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecifie…
|
CWE-89
SQL Injection
|
CVE-2008-4303
|
2017-08-8 10:32 |
2008-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298459
|
- |
|
phpcollab
|
phpcollab
|
general/login.php in phpCollab 2.5 rc3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified input related to the SSL_CLIENT_CERT environment varia…
|
CWE-78
OS Command
|
CVE-2008-4304
|
2017-08-8 10:32 |
2008-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298460
|
- |
|
php-collab
|
php-collab
|
Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via th…
|
CWE-94
Code Injection
|
CVE-2008-4305
|
2017-08-8 10:32 |
2008-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
