|
298441
|
- |
|
apache
|
xerces-c\+\+
|
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, whic…
|
CWE-20
Improper Input Validation
|
CVE-2008-4482
|
2017-08-8 10:32 |
2008-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298442
|
- |
|
bluecoat
|
security_gateway_os
|
Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4485
|
2017-08-8 10:32 |
2008-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298443
|
- |
|
atarone
|
atarone
|
SQL injection vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) site_name, (2) email, (3) theme_chosen, (4) hp, (5) c_meta, (6) i…
|
CWE-89
SQL Injection
|
CVE-2008-4487
|
2017-08-8 10:32 |
2008-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298444
|
- |
|
atarone
|
atarone
|
Cross-site scripting (XSS) vulnerability in ap-pages.php in Atarone CMS 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) id parameters. NOTE: the provena…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4488
|
2017-08-8 10:32 |
2008-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298445
|
- |
|
atarone
|
atarone
|
Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parame…
|
CWE-22
Path Traversal
|
CVE-2008-4489
|
2017-08-8 10:32 |
2008-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298446
|
- |
|
php_web_explorer
|
php_web_explorer_lite
|
Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to…
|
CWE-22
Path Traversal
|
CVE-2008-4499
|
2017-08-8 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298447
|
- |
|
herosoft
|
hero_dvd_player
|
Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. Hero DVD Player 3.0.8 allows user-assisted remote attackers to execute arbitrary code via an M3u file with a "long entry." NOTE: the provena…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4504
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298448
|
- |
|
ibm
|
lotus_quickr
|
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a "nonstandard URL argument" to the OpenDocument co…
|
CWE-20
Improper Input Validation
|
CVE-2008-4505
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298449
|
- |
|
ibm
|
lotus_quickr
|
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors.
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4506
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298450
|
- |
|
ibm
|
lotus_quickr
|
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors.
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4507
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
