|
257541
|
- |
|
fuzzylime
|
fuzzylime_cms
|
Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (do…
|
CWE-22
Path Traversal
|
CVE-2008-3165
|
2017-09-29 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257542
|
- |
|
boonex
|
ray
|
PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in t…
|
CWE-94
Code Injection
|
CVE-2008-3166
|
2017-09-29 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257543
|
- |
|
boonex
|
dolphin
|
Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dir[plugins] pa…
|
CWE-94
Code Injection
|
CVE-2008-3167
|
2017-09-29 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257544
|
- |
|
webxell
|
webxell_editor
|
Unrestricted file upload vulnerability in upload_pictures.php in WebXell Editor 0.1.3 allows remote attackers to execute arbitrary code by uploading a .php file with a jpeg content type, then accessi…
|
CWE-20
Improper Input Validation
|
CVE-2008-3178
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257545
|
- |
|
w2b
|
phpdatingclub
|
Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2008-3179
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257546
|
- |
|
cwh_underground
|
contentnow_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3180
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257547
|
- |
|
content_now
|
content_now
|
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessi…
|
CWE-20
Improper Input Validation
|
CVE-2008-3181
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257548
|
- |
|
speedbit
|
download_accelerator_plus
|
Stack-based buffer overflow in DAP.exe in Download Accelerator Plus (DAP) 7.0.1.3, 8.6.6.3, and other 8.x versions allows user-assisted remote attackers to execute arbitrary code via an M3U (.m3u) fi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3182
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257549
|
- |
|
1scripts
|
codedb
|
Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
|
CWE-22
Path Traversal
|
CVE-2008-3190
|
2017-09-29 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257550
|
- |
|
marcioforum
|
mforum
|
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Em…
|
CWE-89
SQL Injection
|
CVE-2008-3191
|
2017-09-29 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
