270001
|
- |
|
pedro_santana_codice
|
cms
|
SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unk…
|
CWE-89
SQL Injection
|
CVE-2008-0651
|
2008-09-6 06:35 |
2008-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270002
|
- |
|
website_meta_language
|
website_meta_language
|
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.
|
CWE-59
Link Following
|
CVE-2008-0665
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270003
|
- |
|
website_meta_language
|
website_meta_language
|
Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files us…
|
CWE-59
Link Following
|
CVE-2008-0666
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270004
|
- |
|
sift
|
unity
|
Cross-site scripting (XSS) vulnerability in search.cgi in Sift Unity allows remote attackers to inject arbitrary web script or HTML via the qt parameter. NOTE: the provenance of this information is …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0669
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270005
|
- |
|
itechscripts
|
itechclassifieds
|
Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0684
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270006
|
- |
|
itechscripts
|
itechclassifieds
|
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-0685
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270007
|
- |
|
crux_software
|
cruxcms
|
Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0700
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270008
|
- |
|
planetluc
|
mynews
|
Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews 1.6.4, and other earlier 1.6.x versions, allows remote attackers to inject arbitrary web script or HTML via the hash parameter in …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0723
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270009
|
- |
|
titan
|
ftp_server
|
Multiple heap-based buffer overflows in the (1) FTP service and (2) administration service in Titan FTP Server 6.0.5.549 allow remote attackers to cause a denial of service (daemon hang) and possibly…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0725
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270010
|
- |
|
novell
|
apparmor
|
The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmo…
|
NVD-CWE-noinfo CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0731
|
2008-09-6 06:35 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|