|
258711
|
- |
|
phpway
|
kostenloses_linkmanagementscript
|
Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenloses Linkmanagementscript allow remote attackers to execute arbitrary PHP code via a URL in the (1) main_page_directory and (2) pag…
|
CWE-94
Code Injection
|
CVE-2008-2270
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258712
|
- |
|
matisbt
|
mantis
|
Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.
|
CWE-352
Origin Validation Error
|
CVE-2008-2276
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258713
|
- |
|
cmsnx
|
feedback_and_rating_script
|
SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2277
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258714
|
- |
|
freelanceauction
|
freelance_auction_script
|
SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action.
|
CWE-89
SQL Injection
|
CVE-2008-2278
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258715
|
- |
|
freelance_auction
|
freelance_auction_script
|
Freelance Auction Script 1.0 stores user passwords in plaintext in the tbl_users table, which allows attackers to gain privileges by reading the table.
|
CWE-255
Credentials Management
|
CVE-2008-2279
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258716
|
- |
|
thomas_voecking
|
internet_photoshow
|
admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote attackers to bypass authentication by setting the login_admin cookie to true.
|
CWE-287
Improper Authentication
|
CVE-2008-2282
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258717
|
- |
|
idautomation
|
aztec_barcode
datamatrix_barcode
linear_barcode
pdf417_barcode
|
IDAutomation allows remote attackers to overwrite arbitrary files via the argument to the (1) SaveBarCode and (2) SaveEnhWMF methods in (a) the IDAuto.BarCode.1 ActiveX control in IDAutomationLinear6…
|
CWE-20
Improper Input Validation
|
CVE-2008-2283
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258718
|
- |
|
net-snmp
|
net-snmp
|
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2292
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258719
|
- |
|
tpvgames
|
mpcs
|
admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2293
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258720
|
- |
|
mreaves
|
pet_grooming_management_system
|
Pet Grooming Management System 2.0 allows remote attackers to gain privileges via a direct request to useradded.php with a modified user name for "admin."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2294
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
