|
299151
|
- |
|
php-fusion
|
forum_rank_system
|
Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter…
|
CWE-22
Path Traversal
|
CVE-2008-2227
|
2017-08-8 10:30 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299152
|
- |
|
reportbug-ng
|
reportbug
reportbug-ng
|
Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current wo…
|
CWE-94
Code Injection
|
CVE-2008-2230
|
2017-08-8 10:30 |
2008-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299153
|
- |
|
slashcode.com
|
slash
|
SQL injection vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to execute SQL commands and read table information …
|
CWE-89
SQL Injection
|
CVE-2008-2231
|
2017-08-8 10:30 |
2008-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299154
|
- |
|
afuse
|
afuse
|
The expand_template function in afuse.c in afuse 0.2 allows local users to gain privileges via shell metacharacters in a pathname.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2232
|
2017-08-8 10:30 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299155
|
- |
|
opensc-project
|
opensc
|
OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proxim…
|
CWE-310
Cryptographic Issues
|
CVE-2008-2235
|
2017-08-8 10:30 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299156
|
- |
|
blosxom
|
blosxom
|
Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the flav parameter (flavour variable). NOTE: some o…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2236
|
2017-08-8 10:30 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299157
|
- |
|
ibm
|
lotus_domino
|
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2240
|
2017-08-8 10:30 |
2008-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299158
|
- |
|
oued
|
cyrixmed
|
Cross-site scripting (XSS) vulnerability in index.php in CyrixMED 1.4 allows remote attackers to inject arbitrary web script or HTML via the msg_erreur parameter. NOTE: the provenance of this inform…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2264
|
2017-08-8 10:30 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299159
|
- |
|
nzbget
uudeview
|
nzbget
uudeview
|
uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated …
|
CWE-59
Link Following
|
CVE-2008-2266
|
2017-08-8 10:30 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299160
|
- |
|
typo3
|
sr_feuser_register_extension
|
Cross-site scripting (XSS) vulnerability in the sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2274
|
2017-08-8 10:30 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
