|
293231
|
- |
|
shop-script
|
shop-script
|
Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter.
|
CWE-22
Path Traversal
|
CVE-2008-0158
|
2017-09-29 10:30 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293232
|
- |
|
eggblog
|
eggblog
|
SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie.
|
CWE-89
SQL Injection
|
CVE-2008-0159
|
2017-09-29 10:30 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293233
|
- |
|
spacial_audio_solutions
|
samphpweb
|
SQL injection vulnerability in songinfo.php in SAM Broadcaster samPHPweb, possibly 4.2.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the songid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-0187
|
2017-09-29 10:30 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293234
|
- |
|
uebimiau
|
webmail
|
Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set through HTTP requests, which allows remote attackers to bypass authentication via a sess[auth]=1 param…
|
CWE-287
Improper Authentication
|
CVE-2008-0210
|
2017-09-29 10:30 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293235
|
- |
|
php_webquest
|
php_webquest
|
SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter, a different vector than CVE-2007-…
|
CWE-89
SQL Injection
|
CVE-2008-0219
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293236
|
- |
|
gateway
|
cweblaunchctl_activex_control
weblaunch
|
Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allow remote attackers to execute arbitrary cod…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0220
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293237
|
- |
|
gateway
|
weblaunch
|
Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allows remote attackers to execute arbitrary progra…
|
CWE-22
Path Traversal
|
CVE-2008-0221
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293238
|
- |
|
wordpress
|
filemanager
|
Unrestricted file upload vulnerability in ajaxfilemanager.php in the Wp-FileManager 1.2 plugin for WordPress allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2008-0222
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293239
|
- |
|
osdate
|
osdate
|
PHP remote file inclusion vulnerability in php121db.php in osDate 2.0.8 and possibly earlier versions allows remote attackers to execute arbitrary PHP code via a URL in the php121dir parameter.
|
CWE-94
Code Injection
|
CVE-2008-0230
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293240
|
- |
|
zero_cms
|
zero_cms
|
Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/ind…
|
CWE-89
SQL Injection
|
CVE-2008-0232
|
2017-09-29 10:30 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
