|
292131
|
- |
|
lnblog
|
lnblog
|
Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (…
|
CWE-22
Path Traversal
|
CVE-2008-4712
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292132
|
- |
|
212cafe
|
212cafeboard
|
SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4713
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292133
|
- |
|
atomic_photo_album
|
atomic_photo_album
|
Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative ac…
|
CWE-287
Improper Authentication
|
CVE-2008-4714
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292134
|
- |
|
scriptdemo
|
php-lance
|
SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4716
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292135
|
- |
|
zeeways
|
zeelyrics
|
SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4717
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292136
|
- |
|
x7_group
|
x7_chat
|
Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the help_f…
|
CWE-22
Path Traversal
|
CVE-2008-4718
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292137
|
- |
|
openengine
|
openengine
|
PHP remote file inclusion vulnerability in cms/classes/openengine/filepool.php in openEngine 2.0 beta2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a U…
|
CWE-94
Code Injection
|
CVE-2008-4719
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292138
|
- |
|
arzdev
|
gemini_portal
|
Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2) …
|
CWE-94
Code Injection
|
CVE-2008-4720
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292139
|
- |
|
php_jabbers
|
post_comment
|
PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."
|
NVD-CWE-noinfo
CWE-287
CWE-200
Improper Authentication
Information Exposure
|
CVE-2008-4721
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292140
|
- |
|
hummingbird
|
exceed
exceed_powersuite
|
Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4729
|
2017-09-29 10:32 |
2008-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
