|
284461
|
- |
|
hfs
|
http_file_server
|
HTTP File Server (HFS) before 2.2c allows remote attackers to append arbitrary text to the log file by using the base64 representation of this text during HTTP Basic Authentication.
|
CWE-287
Improper Authentication
|
CVE-2008-0408
|
2018-10-16 06:59 |
2008-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284462
|
- |
|
hfs
|
http_file_server
|
Cross-site scripting (XSS) vulnerability in HTTP File Server (HFS) before 2.2c allows remote attackers to inject arbitrary web script or HTML via the userinfo subcomponent of a URL.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0409
|
2018-10-16 06:59 |
2008-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284463
|
- |
|
hfs
|
http_file_server
|
HTTP File Server (HFS) before 2.2c allows remote attackers to obtain configuration and usage details by using an id element such as <id>%version%</id> in HTTP Basic Authentication instead of a userna…
|
CWE-287
Improper Authentication
|
CVE-2008-0410
|
2018-10-16 06:59 |
2008-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284464
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname param…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0123
|
2018-10-16 06:58 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284465
|
- |
|
phpstats
|
phpstats
|
Cross-site scripting (XSS) vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0125
|
2018-10-16 06:58 |
2008-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284466
|
- |
|
mcafee
|
e-business_server
|
The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication pa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0127
|
2018-10-16 06:58 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284467
|
- |
|
snitz_communications
|
snitz_forums_2000
|
Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or HTML via the MAIL parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0134
|
2018-10-16 06:58 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284468
|
- |
|
snitz_communications
|
snitz_forums_2000
|
Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for fo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0135
|
2018-10-16 06:58 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284469
|
- |
|
snitz_communications
|
snitz_forums_2000
|
Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive information via a direct request to forum/whereami.asp, which reveals the database path.
|
CWE-200
Information Exposure
|
CVE-2008-0136
|
2018-10-16 06:58 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284470
|
- |
|
hughes_technologies
|
w3-msql
|
Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the top-level URI.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0146
|
2018-10-16 06:58 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
