|
284381
|
- |
|
eticket
|
eticket
|
Cross-site scripting (XSS) vulnerability in index.php in eTicket 1.5.6-RC4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0552
|
2018-10-16 07:01 |
2008-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284382
|
- |
|
tcl_tk
|
tcl_tk
|
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0553
|
2018-10-16 07:01 |
2008-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284383
|
- |
|
apache-ssl
|
apache-ssl
|
The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow rem…
|
CWE-287
CWE-20
Improper Authentication
Improper Input Validation
|
CVE-2008-0555
|
2018-10-16 07:01 |
2008-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284384
|
- |
|
nilsons_blogger
|
nilsons_blogger
|
Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php…
|
CWE-22
Path Traversal
|
CVE-2008-0559
|
2018-10-16 07:01 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284385
|
- |
|
mailman
|
mailman
|
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates a…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0564
|
2018-10-16 07:01 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284386
|
- |
|
webspell
|
webspell
|
Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.01.02 allows remote attackers to inject arbitrary web script or HTML via the sort parameter in a whoisonline action.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0574
|
2018-10-16 07:01 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284387
|
- |
|
webspell
|
webspell
|
Cross-site request forgery (CSRF) vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote attackers to assign the superadmin privilege level to arbitrary accounts as administrators v…
|
CWE-352
Origin Validation Error
|
CVE-2008-0575
|
2018-10-16 07:01 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284388
|
- |
|
tripwire
|
tripwire_enterprise
|
Cross-site scripting (XSS) vulnerability in the web management login page in Tripwire Enterprise 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0578
|
2018-10-16 07:01 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284389
|
- |
|
geert_moernaut
|
lsrunase
supercrypt
|
Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key witho…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0580
|
2018-10-16 07:01 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284390
|
- |
|
moernaut
|
lsrunase
supercrypt
|
Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /passwo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0581
|
2018-10-16 07:01 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
