|
291781
|
- |
|
scripts_for_sites
|
ez_career
|
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6867
|
2017-09-29 10:33 |
2009-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291782
|
- |
|
oramon
|
oramon
|
Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credenti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6869
|
2017-09-29 10:33 |
2009-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291783
|
- |
|
merlix
|
educate_server
|
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to (1) config.asp and (2) users.asp.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6870
|
2017-09-29 10:33 |
2009-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291784
|
- |
|
merlix
|
educate_server
|
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6871
|
2017-09-29 10:33 |
2009-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291785
|
- |
|
aspthai.net
|
aspthai_forums
|
ASPThai.NET ASPThai Forums 8.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database…
|
CWE-200
Information Exposure
|
CVE-2008-6872
|
2017-09-29 10:33 |
2009-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291786
|
- |
|
activewebsoftwares
|
active_web_mail
|
SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) …
|
CWE-89
SQL Injection
|
CVE-2008-6873
|
2017-09-29 10:33 |
2009-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291787
|
- |
|
aspsiteware
|
autodealer
|
Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp.
|
CWE-89
SQL Injection
|
CVE-2008-6874
|
2017-09-29 10:33 |
2009-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291788
|
- |
|
joompolitan
|
com_livechat
|
Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2…
|
CWE-89
SQL Injection
|
CVE-2008-6881
|
2017-09-29 10:33 |
2009-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291789
|
- |
|
joompolitan
|
com_livechat
|
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET …
|
CWE-20
Improper Input Validation
|
CVE-2008-6882
|
2017-09-29 10:33 |
2009-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291790
|
- |
|
joompolitan
|
com_livechat
|
SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the p…
|
CWE-89
SQL Injection
|
CVE-2008-6883
|
2017-09-29 10:33 |
2009-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
