270521
|
- |
|
d-ic
|
shop_v50 shop_v52
|
Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and earlier and shop_v52 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3935
|
2008-09-6 00:08 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270522
|
- |
|
opendb
|
opendb
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an …
|
CWE-79
Cross-site Scripting
|
CVE-2008-3937
|
2008-09-6 00:08 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270523
|
- |
|
opendb
|
opendb
|
Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers to change arbitrary passwords via an update_password action.
|
CWE-352
Origin Validation Error
|
CVE-2008-3938
|
2008-09-6 00:08 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270524
|
- |
|
avtech
|
pager_enterprise
|
Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allows remote attackers to read arbitrary files via directory traversal sequences in the URI.
|
CWE-22
Path Traversal
|
CVE-2008-3939
|
2008-09-6 00:08 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270525
|
- |
|
manageengine
|
servicedesk_plus
|
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows allows remote attackers to inject arbitrary web script or HTML via the sear…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1299
|
2008-09-5 13:00 |
2008-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270526
|
- |
|
oocomments
|
oocomments
|
Multiple PHP remote file inclusion vulnerabilities in ooComments 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the PathToComment parameter for (1) classes/class_admin.php and …
|
CWE-94
Code Injection
|
CVE-2008-1511
|
2008-09-5 13:00 |
2008-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270527
|
- |
|
avici hitachi
|
router gr2000 gr3000 gr4000
|
Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue …
|
NVD-CWE-noinfo CWE-20
Improper Input Validation
|
CVE-2008-2169
|
2008-09-5 13:00 |
2008-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270528
|
- |
|
century_software
|
router
|
Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issu…
|
CWE-20
Improper Input Validation
|
CVE-2008-2170
|
2008-09-5 13:00 |
2008-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270529
|
- |
|
yamaha
|
router
|
Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue…
|
CWE-20
Improper Input Validation
|
CVE-2008-2173
|
2008-09-5 13:00 |
2008-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270530
|
- |
|
runesoft
|
cerberus_cms
|
Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS before 3_1.4_0.9 allows remote attackers to inject arbitrary web script or HTML via a cerberus_user cookie.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3397
|
2008-09-5 13:00 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|