|
256741
|
- |
|
aspsiteware
|
autodealer
|
Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp.
|
CWE-89
SQL Injection
|
CVE-2008-6874
|
2017-09-29 10:33 |
2009-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256742
|
- |
|
joompolitan
|
com_livechat
|
Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2…
|
CWE-89
SQL Injection
|
CVE-2008-6881
|
2017-09-29 10:33 |
2009-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256743
|
- |
|
joompolitan
|
com_livechat
|
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET …
|
CWE-20
Improper Input Validation
|
CVE-2008-6882
|
2017-09-29 10:33 |
2009-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256744
|
- |
|
joompolitan
|
com_livechat
|
SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the p…
|
CWE-89
SQL Injection
|
CVE-2008-6883
|
2017-09-29 10:33 |
2009-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256745
|
- |
|
xoops
|
xoops
|
Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsConfi…
|
CWE-22
Path Traversal
|
CVE-2008-6884
|
2017-09-29 10:33 |
2009-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256746
|
- |
|
activewebsoftwares
|
aspreferral
|
SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6889
|
2017-09-29 10:33 |
2009-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256747
|
- |
|
peel
|
peel
|
SQL injection vulnerability in lire/index.php in Peel 3.1 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. NOTE: this might be the same issue as CVE-2005-3572.
|
CWE-89
SQL Injection
|
CVE-2008-6892
|
2017-09-29 10:33 |
2009-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256748
|
- |
|
andres_garcia
|
getleft
|
Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) "a" HTML tag; a lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6897
|
2017-09-29 10:33 |
2009-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256749
|
- |
|
saschart
|
sascam_webcam_server
|
Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6898
|
2017-09-29 10:33 |
2009-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256750
|
- |
|
availscript
|
availscript_article_script
|
Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript Article Script allows remote authenticated users to execute arbitrary code by uploading a file wit…
|
CWE-94
Code Injection
|
CVE-2008-6900
|
2017-09-29 10:33 |
2009-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
