|
285031
|
- |
|
juracapecoffee
|
internet_connectivity_kit
|
Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-7174
|
2018-10-12 05:58 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285032
|
- |
|
alex_rabe
|
nextgen_gallery
|
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture …
|
CWE-79
Cross-site Scripting
|
CVE-2008-7175
|
2018-10-12 05:58 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285033
|
- |
|
diigo
|
diigo_toolbar
diigolet
|
Cross-site scripting (XSS) vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment.
|
CWE-79
Cross-site Scripting
|
CVE-2008-7184
|
2018-10-12 05:58 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285034
|
- |
|
gnome
|
rhythmbox
|
GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of service (segmentation fault and crash) via a playlist (.pls) file with a long Title field, possibly related to the g_hash_table_loo…
|
CWE-20
Improper Input Validation
|
CVE-2008-7185
|
2018-10-12 05:58 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285035
|
- |
|
coppermine-gallery
|
coppermine_photo_gallery
|
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOT…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7186
|
2018-10-12 05:58 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285036
|
- |
|
coppermine-gallery
|
coppermine_photo_gallery
|
Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2008-7187
|
2018-10-12 05:58 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285037
|
- |
|
woltlab
|
burning_board
|
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for r…
|
CWE-352
Origin Validation Error
|
CVE-2008-7192
|
2018-10-12 05:58 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285038
|
- |
|
phpkit
|
phpkit
|
PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks by reading the PHPKITSID parameter from the HTTP Referer and us…
|
CWE-352
Origin Validation Error
|
CVE-2008-7193
|
2018-10-12 05:58 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285039
|
- |
|
insane_visions
|
onecms
|
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.ph…
|
CWE-89
SQL Injection
|
CVE-2008-7208
|
2018-10-12 05:58 |
2009-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285040
|
- |
|
insane_visions
|
onecms
|
Unrestricted file upload vulnerability in the add2 action in a_upload.php in OneCMS 2.4, and possibly earlier, allows remote attackers to execute arbitrary code by uploading a file with an executable…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7209
|
2018-10-12 05:58 |
2009-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
