257261
|
- |
|
freelance_auction
|
freelance_auction_script
|
Freelance Auction Script 1.0 stores user passwords in plaintext in the tbl_users table, which allows attackers to gain privileges by reading the table.
|
CWE-255
Credentials Management
|
CVE-2008-2279
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257262
|
- |
|
thomas_voecking
|
internet_photoshow
|
admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote attackers to bypass authentication by setting the login_admin cookie to true.
|
CWE-287
Improper Authentication
|
CVE-2008-2282
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257263
|
- |
|
idautomation
|
aztec_barcode datamatrix_barcode linear_barcode pdf417_barcode
|
IDAutomation allows remote attackers to overwrite arbitrary files via the argument to the (1) SaveBarCode and (2) SaveEnhWMF methods in (a) the IDAuto.BarCode.1 ActiveX control in IDAutomationLinear6…
|
CWE-20
Improper Input Validation
|
CVE-2008-2283
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257264
|
- |
|
net-snmp
|
net-snmp
|
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2292
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257265
|
- |
|
tpvgames
|
mpcs
|
admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2293
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257266
|
- |
|
mreaves
|
pet_grooming_management_system
|
Pet Grooming Management System 2.0 allows remote attackers to gain privileges via a direct request to useradded.php with a modified user name for "admin."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2294
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257267
|
- |
|
rgboard
|
rgboard
|
Cross-site scripting (XSS) vulnerability in rg_search.php in Rgboard 3.0.12, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the s_text parameter and…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2295
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257268
|
- |
|
rgboard
|
rgboard
|
PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in Rgboard 3.0.12 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter.
|
CWE-94
Code Injection
|
CVE-2008-2296
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257269
|
- |
|
roticv
|
rantx
|
The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "<?php" or "?>", which is present in the password file and probably…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2297
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257270
|
- |
|
sourceforge
|
web_slider
|
Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges by setting the admin cookie to 1.
|
CWE-287
Improper Authentication
|
CVE-2008-2298
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|