|
298411
|
- |
|
stephenjungels
|
plait
|
plaiter in Plait before 1.6 allows local users to overwrite arbitrary files via a symlink attack on (1) cut.$$, (2) head.$$, (3) awk.$$, and (4) ps.$$ temporary files in /tmp/.
|
CWE-59
Link Following
|
CVE-2008-4085
|
2017-08-8 10:32 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298412
|
- |
|
flip4mac
|
flip4mac_wmv
|
Multiple unspecified vulnerabilities in the Importer in Flip4Mac WMV before 2.2.1 have unknown impact and attack vectors, different vulnerabilities than CVE-2007-6713.
|
NVD-CWE-noinfo
|
CVE-2008-4095
|
2017-08-8 10:32 |
2008-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298413
|
- |
|
phpmyadmin
|
phpmyadmin
|
libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containin…
|
CWE-20
Improper Input Validation
|
CVE-2008-4096
|
2017-08-8 10:32 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298414
|
- |
|
joomla
|
com_mailto
|
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
|
CWE-20
Improper Input Validation
|
CVE-2008-4103
|
2017-08-8 10:32 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298415
|
- |
|
joomla
|
joomla
|
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
|
CWE-59
Link Following
|
CVE-2008-4104
|
2017-08-8 10:32 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298416
|
- |
|
joomla
|
joomla
|
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other …
|
CWE-20
Improper Input Validation
|
CVE-2008-4105
|
2017-08-8 10:32 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298417
|
- |
|
python_software_foundation
|
python
|
Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOT…
|
CWE-59
Link Following
|
CVE-2008-4108
|
2017-08-8 10:32 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298418
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when the FileServing feature is enabled, has unknown…
|
NVD-CWE-noinfo
|
CVE-2008-4111
|
2017-08-8 10:32 |
2008-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298419
|
- |
|
sun
|
management_center
|
Unspecified vulnerability in a web page in the PRM module in Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vect…
|
NVD-CWE-noinfo
|
CVE-2008-4117
|
2017-08-8 10:32 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298420
|
- |
|
high_norm
|
sound_master_2nd
|
Cross-site scripting (XSS) vulnerability in High Norm Sound Master 2nd 1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-4118
|
2017-08-8 10:32 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
