|
267971
|
- |
|
dotnetnuke
|
dotnetnuke
|
Unrestricted file upload vulnerability in the file manager module in DotNetNuke before 4.8.2 allows remote administrators to upload arbitrary files and gain privileges to the server via unspecified v…
|
CWE-20
Improper Input Validation
|
CVE-2008-6541
|
2009-08-19 14:24 |
2009-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267972
|
- |
|
thomas_waggershauser
|
air_filemanager
|
Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2008-6685
|
2009-08-19 14:24 |
2009-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267973
|
- |
|
sophos
|
anti-virus
anti-virus7.6.3
|
Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Vi…
|
CWE-399
Resource Management Errors
|
CVE-2008-6903
|
2009-08-19 14:24 |
2009-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267974
|
- |
|
ezphotogallery
|
ezphotogallery
|
SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance o…
|
CWE-89
SQL Injection
|
CVE-2008-6990
|
2009-08-19 14:24 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267975
|
- |
|
php
|
php
|
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outsi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7002
|
2009-08-19 14:24 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267976
|
- |
|
fr.simon_rundell
|
pd_churchsearch
|
SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers…
|
CWE-89
SQL Injection
|
CVE-2008-6463
|
2009-08-19 14:23 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267977
|
- |
|
apache
|
struts
|
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI …
|
CWE-22
Path Traversal
|
CVE-2008-6505
|
2009-08-19 14:23 |
2009-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267978
|
- |
|
gpsdrive
|
gpsdrive
|
gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) example…
|
CWE-59
Link Following
|
CVE-2008-5703
|
2009-08-19 14:22 |
2008-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267979
|
- |
|
agares_media
|
arcadem_pro
|
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articl…
|
CWE-89
SQL Injection
|
CVE-2008-6040
|
2009-08-19 14:22 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267980
|
- |
|
gpsdrive
|
gpsdrive
|
gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.…
|
CWE-59
Link Following
|
CVE-2008-5380
|
2009-08-19 14:21 |
2008-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
