|
285071
|
- |
|
cs-cart
|
cs-cart
|
SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6394
|
2018-10-12 05:57 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285072
|
- |
|
datalifecms
|
datalife_engine
|
Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6406
|
2018-10-12 05:57 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285073
|
- |
|
torrenttrader
|
torrenttrader
|
SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6418
|
2018-10-12 05:57 |
2009-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285074
|
- |
|
hivemaker
|
hivemaker
|
SQL injection vulnerability in index.php in Hivemaker Professional 1.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid paramete…
|
CWE-89
SQL Injection
|
CVE-2008-6427
|
2018-10-12 05:57 |
2009-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285075
|
- |
|
bmforum
|
bmforum
|
Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) outpused parameter to index.php, the (2) footer_copyright …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6431
|
2018-10-12 05:57 |
2009-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285076
|
- |
|
phpsqlitecms
|
phpsqlitecms
|
Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[home], (2) lang[admin_menu], and (3) lang[admi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6435
|
2018-10-12 05:57 |
2009-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285077
|
- |
|
lukas_waldauf
|
phpfreeforum
|
Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum 1.0 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) message parameter to error.php, and t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6437
|
2018-10-12 05:57 |
2009-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285078
|
- |
|
e107coders
|
macguru_blog_engine_plugin
|
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a diffe…
|
CWE-89
SQL Injection
|
CVE-2008-6438
|
2018-10-12 05:57 |
2009-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285079
|
- |
|
abledating
|
abledating
|
Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6439
|
2018-10-12 05:57 |
2009-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285080
|
- |
|
epicgames
|
unreal_engine
|
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games, allows remote servers to execute arbitrary code via (1) the CLASS parameter in a DLMGR command, (2) a ma…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2008-6441
|
2018-10-12 05:57 |
2009-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
