|
264521
|
- |
|
xigla
|
absolute_form_processor_xe
|
SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2762
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264522
|
- |
|
xigla
|
absolute_live_support_xe
|
SQL injection vulnerability in search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2763
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264523
|
- |
|
xigla
|
absolute_live_support_xe
|
Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2764
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264524
|
- |
|
xigla
|
absolute_image_gallery_xe
|
SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action.
|
CWE-89
SQL Injection
|
CVE-2008-2765
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264525
|
- |
|
xigla
|
absolute_image_gallery_xe
|
Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Gallery XE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) admin/search.asp and (2) gall…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2766
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264526
|
- |
|
xigla
|
absolute_poll_manager_xe
|
SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2767
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264527
|
- |
|
xigla
|
absolute_poll_manager_xe
|
Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to inject arbitrary web script or HTML via u…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2768
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264528
|
- |
|
drupal
|
drupal
node_hierarchy_module
|
The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2771
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264529
|
- |
|
drupal
|
magic_tabs_module
|
The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."
|
CWE-94
Code Injection
|
CVE-2008-2772
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264530
|
- |
|
drupal
|
taxonomy_image_module
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Image module 5.x before 5.x-1.3 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2773
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
