|
260531
|
- |
|
typo3
|
autobeuser
|
SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-6459
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260532
|
- |
|
mirko_werner
|
mw_random_objects
|
SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-6460
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260533
|
- |
|
fr.simon_rundell
|
ste_prayer2
|
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-6461
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260534
|
- |
|
kurt_gusbeth
|
myquizpoll
|
SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-6462
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260535
|
- |
|
parallels
|
h-sphere
|
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6465
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260536
|
- |
|
clansphere
|
clansphere
|
Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to "javascript i…
|
NVD-CWE-noinfo
|
CVE-2008-6470
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260537
|
- |
|
dotnetblogengine
|
blogengine.net
|
Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6476
|
2017-08-17 10:29 |
2009-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260538
|
- |
|
denis_moinel
|
phpgkit
|
PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this i…
|
CWE-94
Code Injection
|
CVE-2008-6491
|
2017-08-17 10:29 |
2009-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260539
|
- |
|
codetoad
|
asp_shopping_cart_script
|
Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6500
|
2017-08-17 10:29 |
2009-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260540
|
- |
|
opensymphony
apache
|
xwork
struts
|
ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context obj…
|
CWE-20
Improper Input Validation
|
CVE-2008-6504
|
2017-08-17 10:29 |
2009-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
