|
258261
|
- |
|
siemens
john_doe
|
speedstream_5200
netport_software
|
Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname.
|
CWE-287
Improper Authentication
|
CVE-2008-6916
|
2017-09-29 10:33 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258262
|
- |
|
exoscripts
|
exophpdesk
|
SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter).
|
CWE-89
SQL Injection
|
CVE-2008-6917
|
2017-09-29 10:33 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258263
|
- |
|
theportal2.pl
|
theportal2
|
Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6918
|
2017-09-29 10:33 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258264
|
- |
|
taskdriver
|
taskdriver
|
profileedit.php TaskDriver 1.3 and earlier allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "fook!admin."
|
CWE-287
Improper Authentication
|
CVE-2008-6919
|
2017-09-29 10:33 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258265
|
- |
|
w2b
|
phpemployment
|
Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension during a regnew action, then…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6920
|
2017-09-29 10:33 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258266
|
- |
|
w2b
|
phpadboard
|
Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6921
|
2017-09-29 10:33 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258267
|
- |
|
youngzsoft
|
cmailserver
|
Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5.4.6 allow remote attackers to execute arbitrary code via a long argument to the (1) CreateUserPath, (2) Logout, (3) DeleteMailBy…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6922
|
2017-09-29 10:33 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258268
|
- |
|
joomla
|
com_content
|
SQL injection vulnerability in the content component (com_content) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a blogcategory action to ind…
|
CWE-89
SQL Injection
|
CVE-2008-6923
|
2017-09-29 10:33 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258269
|
- |
|
phpstore
|
complete_classifieds
|
Unrestricted file upload vulnerability in PHPStore Complete Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then ac…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6928
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258270
|
- |
|
phpstore
|
auto_classifieds
|
Unrestricted file upload vulnerability in PHPStore Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then access…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6929
|
2017-09-29 10:33 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
