|
268151
|
- |
|
freebsd
|
freebsd
|
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0777
|
2008-09-6 06:35 |
2008-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268152
|
- |
|
sam_lantinga
|
splitvt
|
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0162
|
2008-09-6 06:34 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268153
|
- |
|
liferay
|
liferay_enterprise_portal
|
Cross-site scripting (XSS) vulnerability in the Enterprise Admin Session Monitoring component in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0178
|
2008-09-6 06:34 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268154
|
- |
|
liferay
|
liferay_enterprise_portal
|
Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP heade…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0179
|
2008-09-6 06:34 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268155
|
- |
|
liferay
|
liferay_enterprise_portal
|
Cross-site scripting (XSS) vulnerability in themes/_unstyled/templates/init.vm in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Greeting field …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0180
|
2008-09-6 06:34 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268156
|
- |
|
liferay
|
liferay_enterprise_portal
|
Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0181
|
2008-09-6 06:34 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268157
|
- |
|
liferay
|
liferay_enterprise_portal
|
Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated…
|
CWE-352
Origin Validation Error
|
CVE-2008-0182
|
2008-09-6 06:34 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268158
|
- |
|
ngircd
|
ngircd
|
ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
|
NVD-CWE-Other
|
CVE-2008-0285
|
2008-09-6 06:34 |
2008-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268159
|
- |
|
pmachine
|
pmachine_pro
|
Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PREF_NAME[855] parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0334
|
2008-09-6 06:34 |
2008-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268160
|
- |
|
mahara
|
mahara
|
Unspecified vulnerability in Mahara before 0.9.1 has unknown impact and remote attack vectors, probably related to cross-site scripting (XSS) in uploaded files.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0381
|
2008-09-6 06:34 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
