|
285021
|
- |
|
eye.fi
|
eye-fi_manager
|
WS-Proxy in Eye-Fi 1.1.2 allows remote attackers to cause a denial of service (crash) via an empty query string to port 59278 and other unspecified vectors.
|
NVD-CWE-Other
|
CVE-2008-7137
|
2018-10-12 05:58 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285022
|
- |
|
eye.fi
|
eye-fi_manager
|
The Manager in Eye-Fi 1.1.2 generates predictable snonce values based on the time of day, which allows remote attackers to bypass authentication and upload arbitrary images by guessing the snonce.
|
CWE-310
Cryptographic Issues
|
CVE-2008-7138
|
2018-10-12 05:58 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285023
|
- |
|
eye.fi
|
eye-fi_manager
|
Multiple cross-site request forgery (CSRF) vulnerabilities in WS-Proxy in Eye-Fi 1.1.2 allow remote attackers to hijack the authentication of users for requests that modify configuration via a SOAPAc…
|
CWE-352
Origin Validation Error
|
CVE-2008-7139
|
2018-10-12 05:58 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285024
|
- |
|
cpanel
|
cpanel
|
Absolute path traversal vulnerability in the Disk Usage module (frontend/x/diskusage/index.html) in cPanel 11.18.3 allows remote attackers to list arbitrary directories via the showtree parameter.
|
CWE-22
Path Traversal
|
CVE-2008-7142
|
2018-10-12 05:58 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285025
|
- |
|
phpbb
|
phpbb
|
phpBB 2.0.23 includes the session ID in a request to modcp.php when the moderator or administrator closes a thread, which allows remote attackers to hijack the session via a post in the thread contai…
|
CWE-200
Information Exposure
|
CVE-2008-7143
|
2018-10-12 05:58 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285026
|
- |
|
coronamatrix
|
phpaddressbook
|
Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters.
|
CWE-89
SQL Injection
|
CVE-2008-7145
|
2018-10-12 05:58 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285027
|
- |
|
fortinet
|
fortigate-1000
|
Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header. NO…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7161
|
2018-10-12 05:58 |
2009-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285028
|
- |
|
alice
|
gate2_plus_wi-fi
|
Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the administrator panel in TELECOM ITALIA Alice Gate2 Plus Wi-Fi allows remote attackers to hijack the authentication of administrators for req…
|
CWE-352
Origin Validation Error
|
CVE-2008-7165
|
2018-10-12 05:58 |
2009-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285029
|
- |
|
gameservers
|
gsc
|
GSC build 2067 and earlier relies on the client to enforce administrator privileges, which allows remote attackers to execute arbitrary administrator commands via a crafted packet.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7170
|
2018-10-12 05:58 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285030
|
- |
|
juracapecoffee
|
internet_connectivity_kit
|
The Jura Internet Connection Kit for the Jura Impressa F90 coffee maker does not properly restrict access to privileged functions, which allows remote attackers to cause a denial of service (physical…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7173
|
2018-10-12 05:58 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
