271221
|
- |
|
adobe
|
flash_media_server
|
Guide for enabling SWF verification = http://kb.adobe.com/selfservice/viewContent.do?externalId=kb405456&sliceId=2
|
CWE-16
Configuration
|
CVE-2008-5109
|
2008-11-26 14:00 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271222
|
- |
|
novell
|
iprint
|
Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5231
|
2008-11-26 14:00 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271223
|
- |
|
web-app.org
|
webapp
|
Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing "certain consecutive …
|
NVD-CWE-noinfo CWE-352
Origin Validation Error
|
CVE-2007-1489
|
2008-11-23 14:00 |
2007-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271224
|
- |
|
erl_wustl
|
ctn
|
add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file.
|
CWE-59
Link Following
|
CVE-2008-5146
|
2008-11-19 01:00 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271225
|
- |
|
abottoms
|
mayavi
|
test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file.
|
CWE-59
Link Following
|
CVE-2008-5151
|
2008-11-19 01:00 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271226
|
- |
|
typo3
|
another_backend_login
|
SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-5087
|
2008-11-17 23:39 |
2008-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271227
|
- |
|
kkeim
|
kmita_catalogue
|
Cross-site scripting (XSS) vulnerability in search.php in Kmita Catalogue 2.x allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this informa…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5067
|
2008-11-17 14:00 |
2008-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271228
|
- |
|
debian
|
xsabre
|
XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service (application unavailability) by creating a /tmp/sabre.log …
|
NVD-CWE-Other
|
CVE-2008-4407
|
2008-11-15 16:20 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271229
|
- |
|
plone
|
plone
|
Cross-site scripting (XSS) vulnerability in the LiveSearch module in Plone before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the Description field for search results, as…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4571
|
2008-11-15 16:20 |
2008-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271230
|
- |
|
mybb
|
mybb
|
SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field.
|
CWE-89
SQL Injection
|
CVE-2008-3965
|
2008-11-15 16:19 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|