|
258631
|
- |
|
otmanager
|
otmanager_cms
|
OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in…
|
CWE-287
Improper Authentication
|
CVE-2008-7179
|
2017-09-29 10:33 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258632
|
- |
|
rittwick_banerjee
|
telephone_directory_2008
|
del_query1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable.
|
CWE-20
Improper Input Validation
|
CVE-2008-7180
|
2017-09-29 10:33 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258633
|
- |
|
butterflymedia
|
butterfly_organizer
|
Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitrary categories via a modified tablehere parameter to category-delete.php with the is_js_confirmed parameter set to 1, or (2) dele…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7181
|
2017-09-29 10:33 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258634
|
- |
|
netwin
|
surgemail
|
Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arb…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-7182
|
2017-09-29 10:33 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258635
|
- |
|
clip-share
|
clipshare
|
ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7188
|
2017-09-29 10:33 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258636
|
- |
|
ming_han
|
ajchat
|
directory.php in AJchat 0.10 allows remote attackers to bypass input validation and conduct SQL injection attacks via a numeric parameter with a value matching the s parameter's hash value, which pre…
|
CWE-89
SQL Injection
|
CVE-2008-7210
|
2017-09-29 10:33 |
2009-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258637
|
- |
|
elinks
|
elinks
|
Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows remote attackers to cause a denial of service (crash) via a crafted link.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-7224
|
2017-09-29 10:33 |
2009-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258638
|
- |
|
linuxwebshop
|
php_user_base
|
Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template par…
|
CWE-94
CWE-22
Code Injection
Path Traversal
|
CVE-2008-7240
|
2017-09-29 10:33 |
2009-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258639
|
- |
|
talkback
|
talkback
|
TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2008-4115
|
2017-09-29 10:32 |
2008-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258640
|
- |
|
apple
|
itunes
quicktime
|
Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktim…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4116
|
2017-09-29 10:32 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
