|
268141
|
- |
|
website_meta_language
|
website_meta_language
|
Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files us…
|
CWE-59
Link Following
|
CVE-2008-0666
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268142
|
- |
|
sift
|
unity
|
Cross-site scripting (XSS) vulnerability in search.cgi in Sift Unity allows remote attackers to inject arbitrary web script or HTML via the qt parameter. NOTE: the provenance of this information is …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0669
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268143
|
- |
|
itechscripts
|
itechclassifieds
|
Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0684
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268144
|
- |
|
itechscripts
|
itechclassifieds
|
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-0685
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268145
|
- |
|
crux_software
|
cruxcms
|
Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0700
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268146
|
- |
|
planetluc
|
mynews
|
Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews 1.6.4, and other earlier 1.6.x versions, allows remote attackers to inject arbitrary web script or HTML via the hash parameter in …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0723
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268147
|
- |
|
titan
|
ftp_server
|
Multiple heap-based buffer overflows in the (1) FTP service and (2) administration service in Titan FTP Server 6.0.5.549 allow remote attackers to cause a denial of service (daemon hang) and possibly…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0725
|
2008-09-6 06:35 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268148
|
- |
|
novell
|
apparmor
|
The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmo…
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0731
|
2008-09-6 06:35 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268149
|
- |
|
apache
|
geronimo
|
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
|
CWE-59
Link Following
|
CVE-2008-0732
|
2008-09-6 06:35 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268150
|
- |
|
loris
|
hotel_reservation_system
|
Cross-site scripting (XSS) vulnerability in search.cgi in Loris Hotel Reservation System 3.01 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the hotel_name pa…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0774
|
2008-09-6 06:35 |
2008-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
