|
298771
|
- |
|
ibm
|
maximo
|
Multiple cross-site scripting (XSS) vulnerabilities in jsp/common/system/debug.jsp in IBM Maximo 4.1 and 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Accept, (2) Acce…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3161
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298772
|
- |
|
regretless
|
dodos_mail
|
Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NO…
|
CWE-22
Path Traversal
|
CVE-2008-3163
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298773
|
- |
|
empire_server
|
empire_server
|
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed.
|
CWE-200
Information Exposure
|
CVE-2008-3168
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298774
|
- |
|
empire_server
|
empire_server
|
Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coord…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3169
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298775
|
- |
|
apple
|
safari
|
Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a use…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3170
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298776
|
- |
|
apple
|
safari
|
Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
|
CWE-200
Information Exposure
|
CVE-2008-3171
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298777
|
- |
|
opera
|
opera
|
Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3172
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298778
|
- |
|
sophos
|
es1000
es4000
sophos_anti-virus
sophos_puremessage_anti-virus
|
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of se…
|
CWE-16
Configuration
|
CVE-2008-3177
|
2017-08-8 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298779
|
- |
|
chipmunk_scripts
|
chipmunk_blogger
|
Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attackers to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comme…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3186
|
2017-08-8 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298780
|
- |
|
opensuse
|
zypper
|
zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before accepting repository keys, which allows remote repositories to cause a denial of service (package dat…
|
CWE-20
Improper Input Validation
|
CVE-2008-3187
|
2017-08-8 10:31 |
2008-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
