|
284451
|
- |
|
nec
|
sockscap
|
Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0378
|
2018-10-16 06:59 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284452
|
- |
|
mybulletinboard
|
mybulletinboard
|
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.…
|
CWE-94
Code Injection
|
CVE-2008-0382
|
2018-10-16 06:59 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284453
|
- |
|
mybb
|
mybb
|
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts actio…
|
CWE-89
SQL Injection
|
CVE-2008-0383
|
2018-10-16 06:59 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284454
|
- |
|
urulu
|
urulu
|
SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to execute arbitrary SQL commands via the connectionId parameter to index.php with (1) statprt/js/reques…
|
CWE-89
SQL Injection
|
CVE-2008-0385
|
2018-10-16 06:59 |
2008-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284455
|
- |
|
kayako
|
supportsuite
|
Kayako SupportSuite 3.11.01 allows remote attackers to obtain server configuration information via a direct request to syncml/index.php, which prints the contents of the $_SERVER superglobal.
|
CWE-200
Information Exposure
|
CVE-2008-0395
|
2018-10-16 06:59 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284456
|
- |
|
bitdefender
|
update_server
|
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to…
|
CWE-22
Path Traversal
|
CVE-2008-0396
|
2018-10-16 06:59 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284457
|
- |
|
belkin
|
f5d9230-4
|
The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote attackers to read and modify configuration via a direct request…
|
CWE-287
Improper Authentication
|
CVE-2008-0403
|
2018-10-16 06:59 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284458
|
- |
|
hfs
|
http_file_server
|
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allow remote attackers to create arbitrary (1) files and (2) director…
|
CWE-22
Path Traversal
|
CVE-2008-0405
|
2018-10-16 06:59 |
2008-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284459
|
- |
|
hfs
|
http_file_server
|
HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allows remote attackers to cause a denial of service (daemon crash) via a long account name.
|
CWE-20
Improper Input Validation
|
CVE-2008-0406
|
2018-10-16 06:59 |
2008-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284460
|
- |
|
hfs
|
http_file_server
|
HTTP File Server (HFS) before 2.2c tags HTTP request log entries with the username sent during HTTP Basic Authentication, regardless of whether authentication succeeded, which might make it more diff…
|
CWE-287
Improper Authentication
|
CVE-2008-0407
|
2018-10-16 06:59 |
2008-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
