|
268451
|
- |
|
mybb
|
mybb
|
MyBB (aka MyBulletinBoard) 1.4.2 does not properly handle an uploaded file with a nonstandard file type that contains HTML sequences, which allows remote attackers to cause that file to be processed …
|
CWE-20
Improper Input Validation
|
CVE-2008-4930
|
2008-11-5 14:00 |
2008-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268452
|
- |
|
allaire
|
forums
|
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
|
NVD-CWE-Other
|
CVE-2002-0108
|
2008-11-4 14:23 |
2002-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268453
|
- |
|
infopop
|
ultimate_bulletin_board
|
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encod…
|
NVD-CWE-Other
|
CVE-2002-0118
|
2008-11-4 14:23 |
2002-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268454
|
- |
|
netgear
|
rp114
|
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.
|
NVD-CWE-Other
|
CVE-2002-0127
|
2008-11-4 14:23 |
2002-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268455
|
- |
|
maelstrom
|
maelstrom_gpl
|
Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file.
|
NVD-CWE-Other
|
CVE-2002-0141
|
2008-11-4 14:23 |
2002-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268456
|
- |
|
awstats
|
awstats
|
Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. NOTE: this might be the sam…
|
NVD-CWE-Other
|
CVE-2006-1945
|
2008-11-3 15:18 |
2006-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268457
|
- |
|
leadhound_network
|
leadhound_full
leadhound_lite
|
Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to execute arbitrary SQL commands via the (1) banner par…
|
NVD-CWE-Other
|
CVE-2006-2062
|
2008-11-3 15:18 |
2006-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268458
|
- |
|
leadhound_network
|
leadhound_full
leadhound_lite
|
Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to inject arbitrary web script or HTML via …
|
NVD-CWE-Other
|
CVE-2006-2063
|
2008-11-3 15:18 |
2006-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268459
|
- |
|
ecotwo
|
shopsystem
|
Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-1684
|
2008-11-3 15:16 |
2006-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268460
|
- |
|
apt
|
apt-webshop-system
|
Unspecified vulnerability in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers to access unspecified files via a modified warp parameter.
|
NVD-CWE-Other
|
CVE-2006-1686
|
2008-11-3 15:16 |
2006-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
