|
298711
|
- |
|
checkinstall
|
checkinstall
|
Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working direct…
|
CWE-362
Race Condition
|
CVE-2008-2958
|
2017-08-8 10:31 |
2008-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298712
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2960
|
2017-08-8 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298713
|
- |
|
drupal
|
aggregation_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2998
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298714
|
- |
|
drupal
|
aggregation_module
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2998
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298715
|
- |
|
drupal
|
aggregation_module
drupal
|
Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-2999
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298716
|
- |
|
drupal
|
aggregation_module
drupal
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-89
SQL Injection
|
CVE-2008-2999
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298717
|
- |
|
drupal
|
aggregation_module
|
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3000
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298718
|
- |
|
drupal
|
aggregation_module
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3000
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298719
|
- |
|
drupal
|
aggregation_module
|
The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of f…
|
CWE-94
Code Injection
|
CVE-2008-3001
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298720
|
- |
|
drupal
|
aggregation_module
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-94
Code Injection
|
CVE-2008-3001
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
