257491
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5687
|
2017-08-8 10:33 |
2008-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257492
|
- |
|
novell
|
netware
|
Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigu…
|
CWE-255
Credentials Management
|
CVE-2008-5696
|
2017-08-8 10:33 |
2008-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257493
|
- |
|
avaya
|
communication_manager
|
Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated …
|
NVD-CWE-noinfo CWE-20
Improper Input Validation
|
CVE-2008-5709
|
2017-08-8 10:33 |
2008-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257494
|
- |
|
avaya
|
communication_manager
|
Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (…
|
CWE-16
Configuration
|
CVE-2008-5710
|
2017-08-8 10:33 |
2008-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257495
|
- |
|
qemu
|
qemu
|
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
|
CWE-189
Numeric Errors
|
CVE-2008-5714
|
2017-08-8 10:33 |
2008-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257496
|
- |
|
citrix
|
xen
|
xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have uns…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5716
|
2017-08-8 10:33 |
2008-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257497
|
- |
|
seasar
|
mayaa
|
Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.sea…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5720
|
2017-08-8 10:33 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257498
|
- |
|
cgi-rescue
|
kannibbs2000 kannibbs2000i
|
Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2008-5723
|
2017-08-8 10:33 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257499
|
- |
|
eset
|
smart_security
|
The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5724
|
2017-08-8 10:33 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257500
|
- |
|
icewarp
|
merak_mail_server
|
Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 allows remote attackers to inject arbitrary web script or HTML via an IMG element in an HTML e-mail…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5734
|
2017-08-8 10:33 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|