|
268121
|
- |
|
webgui
|
webgui
|
Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.4.24 allows remote attackers to inject arbitrary web script or HTML when creating a username, a different vulnerability than CV…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0940
|
2008-09-6 06:36 |
2008-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268122
|
- |
|
matts_whois
|
matts_whois
|
Cross-site scripting (XSS) vulnerability in mwhois.php in Matt Wilson Matt's Whois (MWhois) allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-1041
|
2008-09-6 06:36 |
2008-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268123
|
- |
|
intervideo
|
windvd_media_center
|
InterVideo IMC Server (aka IMCSvr.exe) and InterVideo Home Theater (aka IHT.exe) in InterVideo WinDVD Media Center 2.11.15.0 allow remote attackers to cause a denial of service (NULL dereference and …
|
CWE-20
Improper Input Validation
|
CVE-2008-1062
|
2008-09-6 06:36 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268124
|
- |
|
xoops
|
xm_memberstats
|
Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sort…
|
CWE-89
SQL Injection
|
CVE-2008-1065
|
2008-09-6 06:36 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268125
|
- |
|
maianscriptworld
|
maian_cart
|
Cross-site scripting (XSS) vulnerability in index.php in Maian Cart 1.1 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search command. NOTE: the prove…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1075
|
2008-09-6 06:36 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268126
|
- |
|
vocera_communications
|
vocera_communications_badge
|
Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed…
|
CWE-200
Information Exposure
|
CVE-2008-1113
|
2008-09-6 06:36 |
2008-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268127
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in Drupal 6.0 allows remote authenticated users to inject arbitrary web script or HTML via titles in content edit forms.
|
CWE-79
Cross-site Scripting
|
CVE-2008-1131
|
2008-09-6 06:36 |
2008-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268128
|
- |
|
net_activity_viewer
|
net_activity_viewer
|
Untrusted search path vulnerability in src/mainwindow.c in Net Activity Viewer 0.2.1 allows local users with Net Activity Viewer privileges to execute arbitrary code via a malicious gksu program, whi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1132
|
2008-09-6 06:36 |
2008-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268129
|
- |
|
small_axe_solutions
|
weblog
|
PHP remote file inclusion vulnerability in inc/linkbar.php in Small Axe Weblog 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the ffile parameter, a different vector than CV…
|
CWE-94
Code Injection
|
CVE-2008-0442
|
2008-09-6 06:35 |
2008-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268130
|
- |
|
endian
|
firewall
|
Cross-site scripting (XSS) vulnerability in vpnum/userslist.php in Endian Firewall 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the psearch parameter. NOTE: the provenanc…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0494
|
2008-09-6 06:35 |
2008-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
