|
259011
|
- |
|
easy-script
|
wysi_wiki_wyg
|
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
|
CWE-22
Path Traversal
|
CVE-2008-3205
|
2017-09-29 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259012
|
- |
|
pragyan
|
praygan_cms
|
PHP remote file inclusion vulnerability in cms/modules/form.lib.php in Pragyan CMS 2.6.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) …
|
CWE-94
Code Injection
|
CVE-2008-3207
|
2017-09-29 10:31 |
2008-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259013
|
- |
|
blackice
|
black_ice_document_imaging_sdk
|
Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in Black Ice Document Imaging SDK 10.95 allows remote attackers to execute arbitrary code via a long string argument to the GetNumb…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3209
|
2017-09-29 10:31 |
2008-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259014
|
- |
|
resiprocate
|
resiprocate
|
rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name i…
|
CWE-20
Improper Input Validation
|
CVE-2008-3210
|
2017-09-29 10:31 |
2008-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259015
|
- |
|
scripteen
|
free_image_hosting_script
|
Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.
|
CWE-287
Improper Authentication
|
CVE-2008-3211
|
2017-09-29 10:31 |
2008-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259016
|
- |
|
webcms
|
webcms_portal_edition
|
SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id parameter to portal/index.php in a tablon acti…
|
CWE-89
SQL Injection
|
CVE-2008-3213
|
2017-09-29 10:31 |
2008-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259017
|
- |
|
openbsd
|
openssh
|
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, follo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3234
|
2017-09-29 10:31 |
2008-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259018
|
- |
|
itechscripts
|
itechbids
|
Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3237
|
2017-09-29 10:31 |
2008-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259019
|
- |
|
itechscripts
|
itechbids
|
Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid para…
|
CWE-89
SQL Injection
|
CVE-2008-3238
|
2017-09-29 10:31 |
2008-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259020
|
- |
|
phpizabi
|
phpizabi
|
Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PHPizabi 0.848b C1 HFP1, when register_globals is enabled, allows remote attackers to upload and exec…
|
CWE-20
Improper Input Validation
|
CVE-2008-3239
|
2017-09-29 10:31 |
2008-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
