|
285081
|
- |
|
baidu
|
baidu_hi
|
Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute arbitrary code via a crafted packet, probably related to an improper length value.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6444
|
2018-10-12 05:57 |
2009-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285082
|
- |
|
blogator-script
|
blogator-script
|
_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.
|
CWE-255
Credentials Management
|
CVE-2008-6473
|
2018-10-12 05:57 |
2009-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285083
|
- |
|
parallels
|
virtuozzo_containers
|
Cross-site request forgery (CSRF) vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft (build 4.0.0-365.6.swsoft) and 25.4.swsoft (build 3.0.0-25.4.swsoft)…
|
CWE-352
Origin Validation Error
|
CVE-2008-6478
|
2018-10-12 05:57 |
2009-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285084
|
- |
|
parallels
|
parallels_virtuozzo
|
Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to mod…
|
CWE-352
Origin Validation Error
|
CVE-2008-6479
|
2018-10-12 05:57 |
2009-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285085
|
- |
|
softnews_media_group
|
datalife_engine
|
Cross-site request forgery (CSRF) vulnerability in engine/modules/imagepreview.php in Datalife Engine 6.7 allows remote attackers to hijack the authentication of arbitrary users for requests that use…
|
CWE-352
Origin Validation Error
|
CVE-2008-6480
|
2018-10-12 05:57 |
2009-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285086
|
- |
|
shatm
|
sharedlog
|
PHP remote file inclusion vulnerability in slideshow_uploadvideo.content.php in SharedLog, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLO…
|
CWE-94
Code Injection
|
CVE-2008-6486
|
2018-10-12 05:57 |
2009-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285087
|
- |
|
tp
|
neostrada_livebox_adsl_router
|
The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service (network outage) via multiple HTTP requests for the /- URI.
|
CWE-20
Improper Input Validation
|
CVE-2008-6497
|
2018-10-12 05:57 |
2009-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285088
|
- |
|
prestashop
|
prestashop
|
Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6503
|
2018-10-12 05:57 |
2009-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285089
|
- |
|
igniterealtime
|
openfire
|
Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to bypass authentication and access the admin interface via a .. …
|
CWE-22
Path Traversal
|
CVE-2008-6508
|
2018-10-12 05:57 |
2009-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285090
|
- |
|
igniterealtime
|
openfire
|
SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp.
|
CWE-89
SQL Injection
|
CVE-2008-6509
|
2018-10-12 05:57 |
2009-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
