271311
|
- |
|
plone
|
plone
|
Cross-site scripting (XSS) vulnerability in the LiveSearch module in Plone before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the Description field for search results, as…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4571
|
2008-11-15 16:20 |
2008-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271312
|
- |
|
mybb
|
mybb
|
SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field.
|
CWE-89
SQL Injection
|
CVE-2008-3965
|
2008-11-15 16:19 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271313
|
- |
|
mybb
|
mybb
|
Patch information - http://community.mybboard.net/showthread.php?tid=36022
|
CWE-89
SQL Injection
|
CVE-2008-3965
|
2008-11-15 16:19 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271314
|
- |
|
mybb
|
mybb
|
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via (1) a certain referrer field in usercp…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3966
|
2008-11-15 16:19 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271315
|
- |
|
mybb
|
mybb
|
Patch information - http://community.mybboard.net/showthread.php?tid=36022
|
CWE-79
Cross-site Scripting
|
CVE-2008-3966
|
2008-11-15 16:19 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271316
|
- |
|
mybb
|
mybb
|
moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not properly check for moderator privileges, which has unknown impact and remote attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3967
|
2008-11-15 16:19 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271317
|
- |
|
mybb
|
mybb
|
Patch information - http://community.mybboard.net/showthread.php?tid=36022
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3967
|
2008-11-15 16:19 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271318
|
- |
|
phpcredo
|
phcdownload
|
SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter.
|
CWE-89
SQL Injection
|
CVE-2007-6670
|
2008-11-15 16:06 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271319
|
- |
|
menalto
|
gallery_publish_xp_module
|
Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors.
|
NVD-CWE-noinfo CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6685
|
2008-11-15 16:06 |
2008-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271320
|
- |
|
menalto
|
gallery
|
The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller.
|
NVD-CWE-noinfo
|
CVE-2007-6686
|
2008-11-15 16:06 |
2008-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|