|
293591
|
- |
|
myknowledgequest
|
knowledgequest
|
Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext…
|
CWE-89
SQL Injection
|
CVE-2008-1726
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293592
|
- |
|
myknowledgequest
|
knowledgequest
|
KnowledgeQuest 2.5 and 2.6 does not require authentication for access to admincheck.php, which allows remote attackers to create arbitrary admin accounts.
|
CWE-287
Improper Authentication
|
CVE-2008-1727
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293593
|
- |
|
predictionfootball
|
predictionfootball
|
SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action.
|
CWE-89
SQL Injection
|
CVE-2008-1732
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293594
|
- |
|
livecart
|
livecart
|
SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI.
|
CWE-89
SQL Injection
|
CVE-2008-1750
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293595
|
- |
|
ksemail
|
ksemail
|
Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) language and (2) lang parameters.
|
CWE-22
Path Traversal
|
CVE-2008-1751
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293596
|
- |
|
zekewalker
|
world_of_phaos
|
Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file pa…
|
CWE-22
Path Traversal
|
CVE-2008-1755
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293597
|
- |
|
kwsphp
|
kwsphp
|
SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2008-1758
|
2017-09-29 10:30 |
2008-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293598
|
- |
|
jeuxflash
kwsphp
|
jeuxflash_module
kwsphp
|
SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922.
|
CWE-89
SQL Injection
|
CVE-2008-1759
|
2017-09-29 10:30 |
2008-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293599
|
- |
|
adobe
|
photoshop
|
Buffer overflow in Adobe Photoshop Album Starter Edition 3.2, and possibly After Effects CS3, allows user-assisted remote attackers and physically proximate attackers to execute arbitrary code via a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1765
|
2017-09-29 10:30 |
2008-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293600
|
- |
|
redhat
|
desktop
enterprise_linux
enterprise_linux_desktop
enterprise_linux_desktop_workstation
linux_advanced_workstation
|
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1767
|
2017-09-29 10:30 |
2008-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
