268381
|
- |
|
calendarix
|
basic
|
Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview p…
|
CWE-89
SQL Injection
|
CVE-2008-2429
|
2008-11-26 14:00 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268382
|
- |
|
novell
|
iprint
|
Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell iPrint Client before 5.06 allows remote attackers to list the image files in an arbitrary directory…
|
CWE-200
Information Exposure
|
CVE-2008-2432
|
2008-11-26 14:00 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268383
|
- |
|
adobe
|
flash_media_server
|
The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for (1) RTMPE and (2) RTMPTE sessions, which makes it easier for remote attackers to make copies of vi…
|
CWE-16
Configuration
|
CVE-2008-5109
|
2008-11-26 14:00 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268384
|
- |
|
adobe
|
flash_media_server
|
Guide for enabling SWF verification = http://kb.adobe.com/selfservice/viewContent.do?externalId=kb405456&sliceId=2
|
CWE-16
Configuration
|
CVE-2008-5109
|
2008-11-26 14:00 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268385
|
- |
|
novell
|
iprint
|
Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5231
|
2008-11-26 14:00 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268386
|
- |
|
web-app.org
|
webapp
|
Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing "certain consecutive …
|
NVD-CWE-noinfo CWE-352
Origin Validation Error
|
CVE-2007-1489
|
2008-11-23 14:00 |
2007-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268387
|
- |
|
erl_wustl
|
ctn
|
add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file.
|
CWE-59
Link Following
|
CVE-2008-5146
|
2008-11-19 01:00 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268388
|
- |
|
abottoms
|
mayavi
|
test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file.
|
CWE-59
Link Following
|
CVE-2008-5151
|
2008-11-19 01:00 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268389
|
- |
|
typo3
|
another_backend_login
|
SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-5087
|
2008-11-17 23:39 |
2008-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268390
|
- |
|
kkeim
|
kmita_catalogue
|
Cross-site scripting (XSS) vulnerability in search.php in Kmita Catalogue 2.x allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this informa…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5067
|
2008-11-17 14:00 |
2008-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|