|
260551
|
- |
|
zoph
|
zoph
|
Cross-site scripting (XSS) vulnerability in search.php in Zoph 0.7.2.1 allows remote attackers to inject arbitrary web script or HTML via the _off parameter. NOTE: the provenance of this information…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6838
|
2017-08-17 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260552
|
- |
|
tgs-cms
|
tgs_content_management
|
Multiple cross-site scripting (XSS) vulnerabilities in TGS Content Management 0.3.2r2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg and (2) goodmsg parameters to (a) l…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6839
|
2017-08-17 10:29 |
2009-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260553
|
- |
|
christof_bruyland
|
v-webmail
|
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) CONFIG[pear_dir] parameter to (a) Mail/RFC822.php, (b) …
|
CWE-94
Code Injection
|
CVE-2008-6840
|
2017-08-17 10:29 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260554
|
- |
|
preproject
|
pre_asp_job_board
|
Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in Pre ASP Job Board allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6847
|
2017-08-17 10:29 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260555
|
- |
|
php-fusion
|
php-fusion
|
Cross-site scripting (XSS) vulnerability in messages.php in PHP-Fusion 6.01.17 and 7.00.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6850
|
2017-08-17 10:29 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260556
|
- |
|
editeurscripts
|
esbaseadmin
|
Cross-site scripting (XSS) vulnerability in default/login.php in EditeurScripts EsBaseAdmin 2.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the EsCont…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6868
|
2017-08-17 10:29 |
2009-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260557
|
- |
|
humayun_shabbir_bhutta
|
asp_product_catalog
|
SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.
|
CWE-89
SQL Injection
|
CVE-2008-6875
|
2017-08-17 10:29 |
2009-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260558
|
- |
|
editeurscripts
|
espartenaires
|
Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the EsContacts 1.0 issue is cov…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6876
|
2017-08-17 10:29 |
2009-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260559
|
- |
|
rsa
|
envision
|
RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6886
|
2017-08-17 10:29 |
2009-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260560
|
- |
|
preprojects
|
pre_classified_listings
|
SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6887
|
2017-08-17 10:29 |
2009-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
