|
284481
|
- |
|
symantec
|
backupexec_system_recovery
|
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows re…
|
CWE-20
Improper Input Validation
|
CVE-2008-0457
|
2018-10-16 07:00 |
2008-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284482
|
- |
|
webwiz
|
web_wiz_forums
web_wiz_newspad
web_wiz_rich_text_editor
|
Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4.0, Web Wiz Forums 9.07, and Web Wiz Newspad 1.02, does not require authentication, which allows remote attackers to list directo…
|
CWE-287
Improper Authentication
|
CVE-2008-0466
|
2018-10-16 07:00 |
2008-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284483
|
- |
|
tiger_php_news_system
|
tiger_php_news_system
|
SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat action.
|
CWE-89
SQL Injection
|
CVE-2008-0469
|
2018-10-16 07:00 |
2008-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284484
|
- |
|
phpbb
|
phpbb
|
Cross-site request forgery (CSRF) vulnerability in privmsg.php in phpBB 2.0.22 allows remote attackers to delete private messages (PM) as arbitrary users via a deleteall action.
|
CWE-352
Origin Validation Error
|
CVE-2008-0471
|
2018-10-16 07:00 |
2008-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284485
|
- |
|
woltlab
|
burning_board
|
Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.
|
CWE-352
Origin Validation Error
|
CVE-2008-0472
|
2018-10-16 07:00 |
2008-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284486
|
- |
|
web_wiz
|
rich_text_editor
|
RTE_popup_save_file.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to upload (1) .html and (2) .htm files via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2008-0473
|
2018-10-16 07:00 |
2008-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284487
|
- |
|
web_wiz
|
newspad
|
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz NewsPad 1.02 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter.
|
CWE-22
Path Traversal
|
CVE-2008-0479
|
2018-10-16 07:00 |
2008-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284488
|
- |
|
web_wiz
|
web_wiz_forums
|
Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and earlier allow remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter to (…
|
CWE-22
Path Traversal
|
CVE-2008-0480
|
2018-10-16 07:00 |
2008-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284489
|
- |
|
web_wiz
|
rich_text_editor
|
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub par…
|
CWE-22
Path Traversal
|
CVE-2008-0481
|
2018-10-16 07:00 |
2008-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284490
|
- |
|
mplayer
|
mplayer
|
Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.
|
CWE-189
Numeric Errors
|
CVE-2008-0485
|
2018-10-16 07:00 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
