|
285211
|
- |
|
textpattern
|
textpattern
|
Cross-site scripting (XSS) vulnerability in textarea/index.php in Textpattern (aka Txp CMS) 4.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Body par…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5757
|
2018-10-12 05:56 |
2008-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285212
|
- |
|
arabportal
|
arab_portal
|
Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, in conjunction with a show action.
|
CWE-22
Path Traversal
|
CVE-2008-5787
|
2018-10-12 05:56 |
2008-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285213
|
- |
|
indisguise
|
indiscripts_enthusiast
|
PHP remote file inclusion vulnerability in show_joined.php in Indiscripts Enthusiast 3.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter…
|
CWE-94
Code Injection
|
CVE-2008-5792
|
2018-10-12 05:56 |
2008-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285214
|
- |
|
fujitsu-siemens
|
webtransactions
|
WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is …
|
CWE-20
Improper Input Validation
|
CVE-2008-5810
|
2018-10-12 05:56 |
2009-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285215
|
- |
|
fujitsu-siemens
|
webtransactions
|
A patch and vendor advisory for this vulnerability is available at:
http://bs2www.fujitsu-siemens.de/update/securitypatch.htm
|
CWE-20
Improper Input Validation
|
CVE-2008-5810
|
2018-10-12 05:56 |
2009-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285216
|
- |
|
microsoft
|
windows_live_messenger
|
Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers…
|
CWE-200
Information Exposure
|
CVE-2008-5828
|
2018-10-12 05:56 |
2009-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285217
|
- |
|
chicomas
|
chicomas
|
Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain databas…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5853
|
2018-10-12 05:56 |
2009-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285218
|
- |
|
proxim
|
tsunami_mp.11_2411
|
The Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 has public as its default SNMP read/write community, which makes it easier for remote attackers to obtain sensitive information or modify SN…
|
CWE-94
Code Injection
|
CVE-2008-5866
|
2018-10-12 05:56 |
2009-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285219
|
- |
|
proxim
|
tsunami_mp.11_2411
|
Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5869
|
2018-10-12 05:56 |
2009-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285220
|
- |
|
faststone
|
image_viewer
|
FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with large width and height values, possibly a related issue to CV…
|
CWE-20
Improper Input Validation
|
CVE-2008-5870
|
2018-10-12 05:56 |
2009-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
