|
293111
|
- |
|
vacation_rentals
|
vacation_rental_script
|
SQL injection vulnerability in index.php in Vacation Rental Script 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sections action.
|
CWE-89
SQL Injection
|
CVE-2008-3603
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293112
|
- |
|
articlefriendly
|
article_friendly
|
SQL injection vulnerability in categorydetail.php in Article Friendly Standard allows remote attackers to execute arbitrary SQL commands via the Cat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3649
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293113
|
- |
|
articlefriendly
|
article_friendly
|
Regarding Access Complexity:
http://secunia.com/advisories/31292:
"Input passed to the "autid" parameter in authordetail.php and to the "Cat" parameter in categorydetail.php is not properly san…
|
CWE-89
SQL Injection
|
CVE-2008-3649
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293114
|
- |
|
zeescripts
|
zeereviews
|
SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) allows remote attackers to execute arbitrary SQL commands via the…
|
CWE-89
SQL Injection
|
CVE-2008-3669
|
2017-09-29 10:31 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293115
|
- |
|
articlefriendly
|
article_friendly
|
SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3670
|
2017-09-29 10:31 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293116
|
- |
|
pozscripts
|
classified_ads
|
SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672.
|
CWE-89
SQL Injection
|
CVE-2008-3673
|
2017-09-29 10:31 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293117
|
- |
|
pozscripts
|
tubeguru_video_sharing_script
|
SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote attackers to execute arbitrary SQL commands via the UID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3674
|
2017-09-29 10:31 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293118
|
- |
|
gelatocms
|
gelatocms
|
Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via (1) a .. (dot dot) and possibly (2) a full pathname in the img parameter. …
|
CWE-22
Path Traversal
|
CVE-2008-3675
|
2017-09-29 10:31 |
2008-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293119
|
- |
|
joomla
|
com_user
|
components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does not properly validate reset tokens, which allows remote attackers to reset the "first enabled user (lowest id)" password, typica…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3681
|
2017-09-29 10:31 |
2008-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293120
|
- |
|
jcomsoft
speedbit
|
anigif
download_accelerator_plus
|
Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3702
|
2017-09-29 10:31 |
2008-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
