|
293201
|
- |
|
phlatline
|
personal_information_manager
|
Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to delete arbitrary files via directory traversal sequences in the file …
|
CWE-22
Path Traversal
|
CVE-2008-4425
|
2017-09-29 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293202
|
- |
|
phlatline
|
personal_information_manager
|
Cross-site scripting (XSS) vulnerability in events.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the date parameter in …
|
CWE-79
Cross-site Scripting
|
CVE-2008-4426
|
2017-09-29 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293203
|
- |
|
phlatline
|
personal_information_manager
|
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier does not require administrative authentication, which allows remote attackers to change arbitrary passwords.
|
CWE-287
Improper Authentication
|
CVE-2008-4427
|
2017-09-29 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293204
|
- |
|
phlatline
|
personal_information_manager
|
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier allows remote attackers to execute arbitrary code by uploading a .php file, the…
|
CWE-20
Improper Input Validation
|
CVE-2008-4428
|
2017-09-29 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293205
|
- |
|
bblog
|
wbblog
|
SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4436
|
2017-09-29 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293206
|
- |
|
bblog
|
wbblog
|
bBlog is no longer actively maintained, and there are no plans to carry on with development.
Source: http://www.bblog.com/
|
CWE-89
SQL Injection
|
CVE-2008-4436
|
2017-09-29 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293207
|
- |
|
mirc
|
mirc
|
Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4449
|
2017-09-29 10:32 |
2008-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293208
|
- |
|
eset_software
|
system_analyzer_tool
|
The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain METHOD_NEITHER IOCTL request to \Device\…
|
CWE-94
CWE-264
Code Injection
Permissions, Privileges, and Access Controls
|
CVE-2008-4451
|
2017-09-29 10:32 |
2008-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293209
|
- |
|
cambridge_computer_corporation
|
vxftpsrv
|
Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 allows remote attackers to cause a denial of service (crash and hang) and possibly execute arbitrary code via a long CWD request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4452
|
2017-09-29 10:32 |
2008-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293210
|
- |
|
dspicture
|
light_imaging_toolkit
pro_imaging_sdk
|
The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control (gdpicture4s.ocx) 4.7.0.1 and (2) Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control (gdpicturepro5s.ocx) 5…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4453
|
2017-09-29 10:32 |
2008-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
