|
298511
|
- |
|
atarone
|
atarone
|
SQL injection vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) site_name, (2) email, (3) theme_chosen, (4) hp, (5) c_meta, (6) i…
|
CWE-89
SQL Injection
|
CVE-2008-4487
|
2017-08-8 10:32 |
2008-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298512
|
- |
|
atarone
|
atarone
|
Cross-site scripting (XSS) vulnerability in ap-pages.php in Atarone CMS 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) id parameters. NOTE: the provena…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4488
|
2017-08-8 10:32 |
2008-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298513
|
- |
|
atarone
|
atarone
|
Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parame…
|
CWE-22
Path Traversal
|
CVE-2008-4489
|
2017-08-8 10:32 |
2008-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298514
|
- |
|
php_web_explorer
|
php_web_explorer_lite
|
Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to…
|
CWE-22
Path Traversal
|
CVE-2008-4499
|
2017-08-8 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298515
|
- |
|
herosoft
|
hero_dvd_player
|
Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. Hero DVD Player 3.0.8 allows user-assisted remote attackers to execute arbitrary code via an M3u file with a "long entry." NOTE: the provena…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4504
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298516
|
- |
|
ibm
|
lotus_quickr
|
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a "nonstandard URL argument" to the OpenDocument co…
|
CWE-20
Improper Input Validation
|
CVE-2008-4505
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298517
|
- |
|
ibm
|
lotus_quickr
|
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors.
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4506
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298518
|
- |
|
ibm
|
lotus_quickr
|
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors.
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4507
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298519
|
- |
|
tonec_inc.
|
internet_download_manager
|
Stack-based buffer overflow in the file parsing function in Tonec Internet Download Manager, possibly 5.14 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4508
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298520
|
- |
|
blue_coat_systems
|
k9_web_protection
|
Blue Coat K9 Web Protection 4.0.230 Beta relies on client-side JavaScript as a protection mechanism, which allows remote attackers to bypass authentication and access the (1) summary, (2) detail, (3)…
|
CWE-287
Improper Authentication
|
CVE-2008-4515
|
2017-08-8 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
