|
258681
|
- |
|
e-vision
|
e-vision_cms
|
Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot do…
|
CWE-22
Path Traversal
|
CVE-2008-6551
|
2017-09-29 10:33 |
2009-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258682
|
- |
|
redhat
fedoraproject
|
cluster_project
cman
rgmanager
fedora
gfs2-utils
|
Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) …
|
CWE-59
Link Following
|
CVE-2008-6552
|
2017-09-29 10:33 |
2009-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258683
|
- |
|
impliedbydesign
|
micro-cms
|
microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote attackers to (1) create administrative acco…
|
CWE-287
Improper Authentication
|
CVE-2008-6553
|
2017-09-29 10:33 |
2009-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258684
|
- |
|
sco
unixware
|
unixware
reliantha
|
Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable t…
|
CWE-20
Improper Input Validation
|
CVE-2008-6558
|
2017-09-29 10:33 |
2009-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258685
|
- |
|
sco
|
reliantha
unixware
|
Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a fil…
|
CWE-20
Improper Input Validation
|
CVE-2008-6559
|
2017-09-29 10:33 |
2009-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258686
|
- |
|
funscripts
|
red_reservations
|
The Red_Reservations script for ColdFusion stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database via a direct reques…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6580
|
2017-09-29 10:33 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258687
|
- |
|
phpaddedit
|
phpaddedit
|
login.php in PhpAddEdit 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the addedit cookie parameter.
|
CWE-287
Improper Authentication
|
CVE-2008-6581
|
2017-09-29 10:33 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258688
|
- |
|
miniweb2
|
miniweb
|
SQL injection vulnerability in index.php in Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
|
CWE-89
SQL Injection
|
CVE-2008-6582
|
2017-09-29 10:33 |
2009-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258689
|
- |
|
bsplayer
|
bs.player
|
Buffer overflow in BS.player 2.27 build 959 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .SRT file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6583
|
2017-09-29 10:33 |
2009-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258690
|
- |
|
picoflat
|
picoflat_cms
|
Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagina parameter, a different vulne…
|
CWE-22
Path Traversal
|
CVE-2008-6604
|
2017-09-29 10:33 |
2009-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
