|
267081
|
- |
|
minibb
|
minibb
|
Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathToFiles par…
|
NVD-CWE-Other
|
CVE-2006-5674
|
2008-11-13 15:25 |
2006-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267082
|
- |
|
elkagroup
|
image_gallery
|
SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5037
|
2008-11-13 14:00 |
2008-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267083
|
- |
|
mozilla
|
firefox
|
Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-217…
|
NVD-CWE-noinfo
|
CVE-2007-2176
|
2008-11-13 14:00 |
2007-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267084
|
- |
|
suse
xfsdump
|
suse_linux
suse_linux_openexchange_server
suse_linux_school_server
suse_linux_standard_server
suse_open_enterprise_server
xfsdump
opensuse
|
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
|
CWE-362
Race Condition
|
CVE-2007-2654
|
2008-11-13 14:00 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267085
|
- |
|
debian
|
feta
|
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files.
|
CWE-59
Link Following
|
CVE-2008-4440
|
2008-11-11 16:12 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267086
|
- |
|
cybozu
|
collaborex
cybozu_ag
cybozu_pocket
garoon_1
mailwise
|
Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2(1.5), AG Pocket before 5.2(0.8), Mailwise before 3.0(0.3), and Garoon 1 before 1.5(4.1) allows remote authenticated users to read…
|
NVD-CWE-Other
|
CVE-2006-4491
|
2008-11-11 15:28 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267087
|
- |
|
cybozu
|
cybozu_office
|
Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows allows remote attackers to obtain sensitive information, including users and groups, via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-4492
|
2008-11-11 15:28 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267088
|
- |
|
hyper_estraier
|
hyper_estraier
|
estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote attackers to read unauthorized files via a crafted search request for a filename that contains Unicode characters.
|
NVD-CWE-Other
|
CVE-2005-3421
|
2008-11-11 14:55 |
2005-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267089
|
- |
|
hiki
|
hiki
|
Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via a page name in a Login link, a different vulnerability than CVE-2005…
|
NVD-CWE-Other
|
CVE-2005-2803
|
2008-11-11 14:53 |
2005-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267090
|
- |
|
hiki
|
hiki
|
Cross-site scripting (XSS) vulnerability in Hiki 0.8.0 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via "missing pages" in which the page name is not properly escaped, a di…
|
NVD-CWE-Other
|
CVE-2005-2336
|
2008-11-11 14:51 |
2005-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
