|
291751
|
- |
|
instinct
|
e-commerce_plugin
|
Unrestricted file upload vulnerability in image_processing.php in the e-Commerce Plugin 3.4 and earlier for Wordpress allows remote attackers to execute arbitrary code by uploading a file with an exe…
|
NVD-CWE-Other
|
CVE-2008-6811
|
2017-09-29 10:33 |
2009-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291752
|
- |
|
surat_kabar
|
phpwebnews
|
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6812
|
2017-09-29 10:33 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291753
|
- |
|
surat_kabar
|
phpwebnews
|
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6813
|
2017-09-29 10:33 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291754
|
- |
|
jan_de_graaff
|
com_simpleboard
|
Unrestricted file upload vulnerability in image_upload.php in the SimpleBoard (com_simpleboard) component 1.0.1 and earlier for Mambo allows remote attackers to execute arbitrary code by uploading a …
|
CWE-20
Improper Input Validation
|
CVE-2008-6814
|
2017-09-29 10:33 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291755
|
- |
|
myktools
|
myktools
|
mykdownload.php in MyKtools 2.4 does not require administrative authentication, which allows remote attackers to read a database backup by making a direct request, and then sending an unspecified req…
|
CWE-287
Improper Authentication
|
CVE-2008-6815
|
2017-09-29 10:33 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291756
|
- |
|
newearthpt
|
imgupload
|
Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file wit…
|
NVD-CWE-Other
|
CVE-2008-6822
|
2017-09-29 10:33 |
2009-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291757
|
- |
|
trixbox
|
trixbox
|
Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the langChoice parame…
|
CWE-22
Path Traversal
|
CVE-2008-6825
|
2017-09-29 10:33 |
2009-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291758
|
- |
|
mhfmedia
|
ads_pro
|
dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter, as demonstrated using the (1) advert_top.htm or (2) advert_login.htm pa…
|
CWE-20
Improper Input Validation
|
CVE-2008-6826
|
2017-09-29 10:33 |
2009-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291759
|
- |
|
vicftps
|
vicftps
|
VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a "/\/" (forward slash, backward slash, forward slash). NOTE: this might be the same issu…
|
CWE-20
Improper Input Validation
|
CVE-2008-6829
|
2017-09-29 10:33 |
2009-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291760
|
- |
|
fuzzylime
|
fuzzylime_\(cms\)
|
Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for …
|
CWE-22
Path Traversal
|
CVE-2008-6833
|
2017-09-29 10:33 |
2009-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
