|
299071
|
- |
|
asterisk
|
asterisk_appliance_developer_kit
asterisk_business_edition
asterisknow
open_source
s800i
|
The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends "early audio" to an unverified source IP…
|
CWE-16
Configuration
|
CVE-2008-1923
|
2017-08-8 10:30 |
2008-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299072
|
- |
|
phpmyadmin
|
phpmyadmin
|
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST …
|
NVD-CWE-noinfo
CWE-200
Information Exposure
|
CVE-2008-1924
|
2017-08-8 10:30 |
2008-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299073
|
- |
|
imager
|
imager
|
Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1928
|
2017-08-8 10:30 |
2008-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299074
|
- |
|
moinmoin
|
moinmoin
|
The user form processing (userform.py) in MoinMoin before 1.6.3, when using ACLs or a non-empty superusers list, does not properly manage users, which allows remote attackers to gain privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1937
|
2017-08-8 10:30 |
2008-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299075
|
- |
|
sony
|
mylo_com_2
|
Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certificates, which allows remote attackers to obtain sensitive information and conduct spoofing attacks.
|
CWE-287
Improper Authentication
|
CVE-2008-1938
|
2017-08-8 10:30 |
2008-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299076
|
- |
|
grsecurity
|
grsecurity_kernel_patch
|
The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid cal…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1940
|
2017-08-8 10:30 |
2008-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299077
|
- |
|
akiva
|
webboard
|
Cross-site scripting (XSS) vulnerability in the profile update feature in Akiva WebBoard 8.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in the fo…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1941
|
2017-08-8 10:30 |
2008-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299078
|
- |
|
foxit_software
|
reader
|
Foxit Reader 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with (1) a malformed ExtGState resource containing a /Font resource, o…
|
CWE-20
Improper Input Validation
|
CVE-2008-1942
|
2017-08-8 10:30 |
2008-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299079
|
- |
|
magnolia
|
site_designer
|
Cross-site scripting (XSS) vulnerability in the Sitedesigner before 1.1.5 search template in Magnolia Enterprise Edition allows remote attackers to inject arbitrary web script or HTML via the query p…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1953
|
2017-08-8 10:30 |
2008-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299080
|
- |
|
toocharger
|
myboard
|
Cross-site scripting (XSS) vulnerability in rep.php in Martin BOUCHER MyBoard 1.0.12 allows remote attackers to inject arbitrary web script or HTML via the id parameter. information.
|
CWE-79
Cross-site Scripting
|
CVE-2008-1955
|
2017-08-8 10:30 |
2008-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
