|
303401
|
- |
|
openssl
|
openssl
|
OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use o…
|
CWE-310
Cryptographic Issues
|
CVE-2008-7270
|
2024-11-21 09:58 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303402
|
- |
|
boka
|
siteengine
|
Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter…
|
CWE-20
Improper Input Validation
|
CVE-2008-7269
|
2024-11-21 09:58 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303403
|
- |
|
boka
|
siteengine
|
The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to php_info in misc.php.
|
CWE-200
Information Exposure
|
CVE-2008-7268
|
2024-11-21 09:58 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303404
|
- |
|
boka
|
siteengine
|
SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-7267
|
2024-11-21 09:58 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303405
|
- |
|
rsa
|
adaptive_authentication
|
Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in RSA Adaptive Authentication 2.x and 5.7.x allows remote attackers to inject arbitrary web script or HTML via unknown…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7266
|
2024-11-21 09:58 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303406
|
- |
|
proftpd
|
proftpd
|
The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.
|
CWE-399
Resource Management Errors
|
CVE-2008-7265
|
2024-11-21 09:58 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303407
|
- |
|
g.rodola
|
pyftpdlib
|
The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file descriptor exhaustion and daemon outage) by sending a QUIT command…
|
CWE-20
Improper Input Validation
|
CVE-2008-7264
|
2024-11-21 09:58 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303408
|
- |
|
g.rodola
|
pyftpdlib
|
ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-287
Improper Authentication
|
CVE-2008-7263
|
2024-11-21 09:58 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303409
|
- |
|
g.rodola
|
pyftpdlib
|
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a …
|
CWE-22
Path Traversal
|
CVE-2008-7262
|
2024-11-21 09:58 |
2010-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303410
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local u…
|
CWE-255
Credentials Management
|
CVE-2008-7261
|
2024-11-21 09:58 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
