|
293071
|
- |
|
jabber
|
exodus
|
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in a pr…
|
CWE-94
Code Injection
|
CVE-2008-6936
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293072
|
- |
|
holger_zimmermann
|
pi3web
|
Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi3Web/Conf/Intenet.pi3, allows remote attackers to cause a denial of service (crash or hang) and obt…
|
CWE-20
Improper Input Validation
|
CVE-2008-6938
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293073
|
- |
|
turnkeyforms
|
web_hosting_directory
|
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by set…
|
CWE-287
Improper Authentication
|
CVE-2008-6939
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293074
|
- |
|
turnkeyforms
|
web_hosting_directory
|
TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6940
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293075
|
- |
|
turnkeyforms
|
web_hosting_directory
|
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field.
|
CWE-89
SQL Injection
|
CVE-2008-6941
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293076
|
- |
|
scriptsfeed
|
realtor_classifieds_system
|
Unrestricted file upload vulnerability in ScriptsFeed Realtor Classifieds System (aka Real Estate Classifieds) allows remote authenticated users to execute arbitrary code by uploading a file with an …
|
CWE-20
Improper Input Validation
|
CVE-2008-6942
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293077
|
- |
|
scriptsfeed
|
recipes_listing_portal
|
Unrestricted file upload vulnerability in ScriptsFeed Recipes Listing Portal allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a recipe p…
|
CWE-20
Improper Input Validation
|
CVE-2008-6943
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293078
|
- |
|
scriptsfeed
|
auto_classifieds
|
Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, …
|
CWE-20
Improper Input Validation
|
CVE-2008-6944
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293079
|
- |
|
webhost-panel
|
bankoi_webhosting_control_panel
|
Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosting Control Panel 1.20 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field.
|
CWE-89
SQL Injection
|
CVE-2008-6950
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293080
|
- |
|
cms.maury91
|
maurycms
|
MauryCMS 0.53.2 and earlier does not require administrative authentication for Editors/fckeditor/editor/filemanager/browser/default/browser.html, which allows remote attackers to upload arbitrary fil…
|
CWE-287
Improper Authentication
|
CVE-2008-6951
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
