269791
|
- |
|
winzip
|
winzip
|
WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and…
|
CWE-94
Code Injection
|
CVE-2008-3442
|
2008-09-6 06:43 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269792
|
- |
|
egi_zaberl
|
e.z._poll
|
Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provena…
|
CWE-89
SQL Injection
|
CVE-2008-3590
|
2008-09-6 06:43 |
2008-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269793
|
- |
|
acronis
|
true_image_echo_server
|
Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this…
|
CWE-310
Cryptographic Issues
|
CVE-2008-3671
|
2008-09-6 06:43 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269794
|
- |
|
yourfreeworld
|
stylish_text_ads_script
|
SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3754
|
2008-09-6 06:43 |
2008-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269795
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3233
|
2008-09-6 06:42 |
2008-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269796
|
- |
|
jamroom
|
jamroom
|
Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have unknown impact and attack vectors.
|
NVD-CWE-noinfo CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3376
|
2008-09-6 06:42 |
2008-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269797
|
- |
|
opendocman
|
opendocman
|
Cross-site scripting (XSS) vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2788
|
2008-09-6 06:41 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269798
|
- |
|
exerocms
|
exero_cms
|
Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to (1) custompa…
|
CWE-22
Path Traversal
|
CVE-2008-2840
|
2008-09-6 06:41 |
2008-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269799
|
- |
|
webchamado
|
webchamado
|
SQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the d…
|
CWE-89
SQL Injection
|
CVE-2008-2858
|
2008-09-6 06:41 |
2008-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269800
|
- |
|
flicks_software
|
authentix
|
Cross-site scripting (XSS) vulnerability in editUser.asp in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-1174
|
2008-09-6 06:37 |
2008-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|