|
258591
|
- |
|
paul_arbogast
|
accms
|
All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, in…
|
CWE-200
Information Exposure
|
CVE-2008-7069
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258592
|
- |
|
chipmunk-scripts
|
chipmunk_topsites
|
SQL injection vulnerability in authenticate.php in Chipmunk Topsites allows remote attackers to execute arbitrary SQL commands via the username parameter, related to login.php. NOTE: some of these d…
|
CWE-89
SQL Injection
|
CVE-2008-7071
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258593
|
- |
|
chipmunk-scripts
|
chipmunk_topsites
|
Cross-site scripting (XSS) vulnerability in index.php in Chipmunk Topsites allows remote attackers to inject arbitrary web script or HTML via the start parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-7072
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258594
|
- |
|
rssmodule
ekkaia
|
rss_module
pie_web
|
PHP remote file inclusion vulnerability in lib/action/rss.php in RSS module 0.1 for Pie Web M{a,e}sher, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a U…
|
CWE-94
Code Injection
|
CVE-2008-7073
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258595
|
- |
|
memcode
|
i.scribe
|
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2008-7074
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258596
|
- |
|
kalptaru_infotech
|
stararticles
|
Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the a…
|
CWE-89
SQL Injection
|
CVE-2008-7075
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258597
|
- |
|
kalptaru_infotech
|
stararticles
|
Unrestricted file upload vulnerability in user.modify.profile.php in Kalptaru Infotech Ltd. Star Articles 6.0 allows remote authenticated users to execute arbitrary code by uploading a file with an e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7076
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258598
|
- |
|
relative
|
sailplanner
|
Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
|
CWE-89
SQL Injection
|
CVE-2008-7077
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258599
|
- |
|
nero
|
showtime
|
Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a .M3U playlist file. NOTE: this issue …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-7079
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258600
|
- |
|
phpclassifiedsscript
|
php_classifieds_script
|
Team PHP PHP Classifieds Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7080
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
