|
299131
|
- |
|
tru-zone
|
nukeet
|
The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie.
|
CWE-20
Improper Input Validation
|
CVE-2008-2134
|
2017-08-8 10:30 |
2008-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299132
|
- |
|
rpath
|
appliance_platform_agent
|
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2139
|
2017-08-8 10:30 |
2008-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299133
|
- |
|
rpath
|
appliance_platform_agent
|
Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted UR…
|
CWE-352
Origin Validation Error
|
CVE-2008-2140
|
2017-08-8 10:30 |
2008-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299134
|
- |
|
microsoft
|
outlook_web_access
|
Unspecified versions of Microsoft Outlook Web Access (OWA) use the Cache-Control: no-cache HTTP directive instead of no-store, which might cause web browsers that follow RFC-2616 to cache sensitive i…
|
NVD-CWE-Other
|
CVE-2008-2143
|
2017-08-8 10:30 |
2008-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299135
|
- |
|
wordpress
|
wordpress
|
wp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the PATH_INFO ($PHP_SELF), which allows remote attackers to bypass intended access restrictions for cert…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2146
|
2017-08-8 10:30 |
2008-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299136
|
- |
|
wordnet
|
wordnet
|
Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2149
|
2017-08-8 10:30 |
2008-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299137
|
- |
|
ibm
|
db2
|
IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 provides an INSTALL_JAR (aka sqlj.install_jar) procedure, which allows remote authenticated users to create or overwrite arbitrary files via …
|
CWE-16
Configuration
|
CVE-2008-2154
|
2017-08-8 10:30 |
2009-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299138
|
- |
|
emc_corporation
|
alphastor
|
robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows allows remote attackers to execute arbitrary commands via an unspecified string field in a packet to TCP port 3500.
|
CWE-20
Improper Input Validation
|
CVE-2008-2157
|
2017-08-8 10:30 |
2008-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299139
|
- |
|
emc_corporation
|
alphastor
|
Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in EMC AlphaStor 3.1 SP1 for Windows allow remote attackers to execute arbitrary code via crafted TCP p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2158
|
2017-08-8 10:30 |
2008-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299140
|
- |
|
sonicwall
|
e-mail_security
|
Cross-site scripting (XSS) vulnerability in SonicWall Email Security 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the Host header in a request to a non-existent web page, …
|
CWE-79
Cross-site Scripting
|
CVE-2008-2162
|
2017-08-8 10:30 |
2008-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
