|
292911
|
- |
|
jaxultrabb
|
jaxultrabb
|
Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. party information.
|
CWE-22
Path Traversal
|
CVE-2008-2966
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292912
|
- |
|
cistyle
|
ciblog
|
SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2971
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292913
|
- |
|
mm_chat
|
mm_chat
|
Multiple cross-site scripting (XSS) vulnerabilities in chathead.php in MM Chat 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sitename and (2) wmessage parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2973
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292914
|
- |
|
mm_chat
|
mm_chat
|
Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequ…
|
CWE-22
Path Traversal
|
CVE-2008-2974
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292915
|
- |
|
tinx_cms
|
tinx_cms
|
Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2975
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292916
|
- |
|
tinx_cms
|
tinx_cms
|
Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences i…
|
CWE-22
Path Traversal
|
CVE-2008-2976
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292917
|
- |
|
ourvideo_cms
|
ourvideo_cms
|
Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 allow remote attackers to execute arbitrary PHP code via a URL in the include_connection parameter to (1) edit_top_feature.php a…
|
CWE-94
Code Injection
|
CVE-2008-2977
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292918
|
- |
|
ourvideocms
|
ourvideo_cms
|
Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal s…
|
CWE-22
Path Traversal
|
CVE-2008-2978
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292919
|
- |
|
ourvideo_cms
|
ourvideo_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2979
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292920
|
- |
|
homeph_design
|
homeph_design
|
Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2.10 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) error_meldung parameter to admin/features/regis…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2980
|
2017-09-29 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
