|
306991
|
- |
|
insoshi
|
insoshi
|
Insoshi before 20080920 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the ForumPost user_id value via a modified URL, r…
|
CWE-255
Credentials Management
|
CVE-2008-7309
|
2024-11-21 09:58 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306992
|
- |
|
apple
|
mac_os_x
|
The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted appl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7303
|
2024-11-21 09:58 |
2011-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306993
|
- |
|
netshinesoftware
|
com_netinvoice
|
SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving…
|
CWE-89
SQL Injection
|
CVE-2008-7302
|
2024-11-21 09:58 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306994
|
- |
|
sclek
|
jsite
|
SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unkno…
|
CWE-89
SQL Injection
|
CVE-2008-7301
|
2024-11-21 09:58 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306995
|
- |
|
sun
|
opensolaris
sunos
|
The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7300
|
2024-11-21 09:58 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306996
|
- |
|
ibm
|
tivoli_federated_identity_manager
|
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Iss…
|
CWE-20
Improper Input Validation
|
CVE-2008-7299
|
2024-11-21 09:58 |
2011-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306997
|
- |
|
google
android
|
android
android_browser
|
The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7298
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306998
|
- |
|
opera
|
opera_browser
|
Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7297
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306999
|
- |
|
apple
|
safari
|
Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7296
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307000
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7295
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
