|
285341
|
- |
|
my_little_forum
|
my_little_forum
|
Cross-site scripting (XSS) vulnerability in My Little Forum 1.75 and 2.0 Beta 23 allows remote attackers to inject arbitrary web script or HTML via BBcode IMG tags.
|
CWE-79
Cross-site Scripting
|
CVE-2008-4871
|
2018-10-12 05:53 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285342
|
- |
|
philips_electronics
|
voip841_dect_phone
|
The web component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 has a back door "service" account with "service" as its password, which makes it easier for remote atta…
|
CWE-255
Credentials Management
|
CVE-2008-4874
|
2018-10-12 05:53 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285343
|
- |
|
philips_electronics
|
voip841_dect_phone
|
Directory traversal vulnerability in the web server in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote authenticated users to read arbitrary files via a .. (d…
|
CWE-22
Path Traversal
|
CVE-2008-4875
|
2018-10-12 05:53 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285344
|
- |
|
philips_electronics
|
voip841_dect_phone
|
Cross-site scripting (XSS) vulnerability in the web server component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4876
|
2018-10-12 05:53 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285345
|
- |
|
sun
|
java_web_start
|
The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method.
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2008-4910
|
2018-10-12 05:53 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285346
|
- |
|
firmchannel
|
digital_signage
|
Cross-site scripting (XSS) vulnerability in the account module in firmCHANNEL Digital Signage 3.24, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4931
|
2018-10-12 05:53 |
2008-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285347
|
- |
|
comingchina
|
u-mail_webmail_server
|
webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the cont…
|
CWE-20
Improper Input Validation
|
CVE-2008-4932
|
2018-10-12 05:53 |
2008-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285348
|
- |
|
enomaly
|
elastic_computing_platform
|
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.
|
CWE-59
Link Following
|
CVE-2008-4990
|
2018-10-12 05:53 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285349
|
- |
|
nortel
|
unistim_ip_phone
|
Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: this issue could not be reproduced by a third pa…
|
CWE-20
Improper Input Validation
|
CVE-2008-4999
|
2018-10-12 05:53 |
2008-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285350
|
- |
|
linux
|
linux_kernel
|
The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to…
|
NVD-CWE-Other
|
CVE-2008-5029
|
2018-10-12 05:53 |
2008-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
