|
293851
|
- |
|
pbcs
|
project-based_calendaring__system
|
Unrestricted file upload vulnerability in src/yopy_upload.php in Project-Based Calendaring System (PBCS) 0.7.1 allows remote authenticated users to upload arbitrary files to tmp/uploads.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2216
|
2017-09-29 10:31 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293852
|
- |
|
mario_valdez
|
content_management_system
|
Directory traversal vulnerability in cm/graphie.php in Content Management System 0.6.1 for Phprojekt allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cm_…
|
CWE-22
Path Traversal
|
CVE-2008-2217
|
2017-09-29 10:31 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293853
|
- |
|
interact
|
interact
|
Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code vi…
|
CWE-94
Code Injection
|
CVE-2008-2220
|
2017-09-29 10:31 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293854
|
- |
|
eqdkp
|
eqdkp
|
SQL injection vulnerability in login.php in EQdkp 1.3.2f allows remote attackers to bypass EQdkp user authentication via the user_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2222
|
2017-09-29 10:31 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293855
|
- |
|
buyscripts
|
vshare_youtube_clone
|
SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2223
|
2017-09-29 10:31 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293856
|
- |
|
sazcart
|
sazcart
|
Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _saz[settings][site_di…
|
CWE-94
Code Injection
|
CVE-2008-2224
|
2017-09-29 10:31 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293857
|
- |
|
gamecms
|
gamecms_lite
|
SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2225
|
2017-09-29 10:31 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293858
|
- |
|
cyberfolio
|
cyberfolio
|
PHP remote file inclusion vulnerability in portfolio/commentaires/derniers_commentaires.php in Cyberfolio 7.12, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code…
|
CWE-94
Code Injection
|
CVE-2008-2228
|
2017-09-29 10:31 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293859
|
- |
|
openoffice
|
openoffice.org
|
Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2237
|
2017-09-29 10:31 |
2008-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293860
|
- |
|
openoffice
|
openoffice.org
|
Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite docu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2238
|
2017-09-29 10:31 |
2008-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
