|
298201
|
- |
|
editeurscripts
|
esfaq
|
SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3952. NOTE: the provenance…
|
CWE-89
SQL Injection
|
CVE-2008-6016
|
2017-08-8 10:33 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298202
|
- |
|
do-cms
|
do-cms
|
SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the p parameter. NOTE: the provenance of this information is unknown; the …
|
CWE-89
SQL Injection
|
CVE-2008-6019
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298203
|
- |
|
drupal
|
views
|
SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK te…
|
CWE-89
SQL Injection
|
CVE-2008-6020
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298204
|
- |
|
attachmate
|
reflection_for_secure_it
|
Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd pa…
|
NVD-CWE-noinfo
|
CVE-2008-6021
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298205
|
- |
|
sun
|
opensolaris
solaris
|
Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of…
|
CWE-399
Resource Management Errors
|
CVE-2008-6024
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298206
|
- |
|
bluecube
|
bluecube_cms
|
SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6026
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298207
|
- |
|
achievo
|
achievo
|
Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter. NOTE: the provenance of this inf…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6034
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298208
|
- |
|
achievo
|
achievo
|
Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6035
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298209
|
- |
|
preprojects
|
pre_e-learning_portal
|
PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6052
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298210
|
- |
|
preprojects
|
pre_resume_submitter
|
PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6053
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
