|
310931
|
- |
|
boka
|
siteengine
|
SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-7267
|
2024-11-21 09:58 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310932
|
- |
|
rsa
|
adaptive_authentication
|
Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in RSA Adaptive Authentication 2.x and 5.7.x allows remote attackers to inject arbitrary web script or HTML via unknown…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7266
|
2024-11-21 09:58 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310933
|
- |
|
proftpd
|
proftpd
|
The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.
|
CWE-399
Resource Management Errors
|
CVE-2008-7265
|
2024-11-21 09:58 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310934
|
- |
|
g.rodola
|
pyftpdlib
|
The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file descriptor exhaustion and daemon outage) by sending a QUIT command…
|
CWE-20
Improper Input Validation
|
CVE-2008-7264
|
2024-11-21 09:58 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310935
|
- |
|
g.rodola
|
pyftpdlib
|
ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-287
Improper Authentication
|
CVE-2008-7263
|
2024-11-21 09:58 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310936
|
- |
|
g.rodola
|
pyftpdlib
|
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a …
|
CWE-22
Path Traversal
|
CVE-2008-7262
|
2024-11-21 09:58 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310937
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local u…
|
CWE-255
Credentials Management
|
CVE-2008-7261
|
2024-11-21 09:58 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310938
|
- |
|
anibal_monsalve_salaz
|
ssmtp
|
The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins wit…
|
CWE-20
Improper Input Validation
|
CVE-2008-7258
|
2024-11-21 09:58 |
2010-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310939
|
- |
|
cisco
|
asa_5580
|
CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary H…
|
CWE-20
Improper Input Validation
|
CVE-2008-7257
|
2024-11-21 09:58 |
2010-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310940
|
6.5 |
MEDIUM
Network
|
redhat
|
jboss_operations_network
|
In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON.
|
CWE-200
Information Exposure
|
CVE-2008-5083
|
2024-11-21 09:53 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
