|
260571
|
- |
|
intelliants
|
esyndicat
|
Multiple cross-site scripting (XSS) vulnerabilities in register.php in eSyndiCat Directory 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) email, (3) passw…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6924
|
2017-08-17 10:29 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260572
|
- |
|
zenphoto
|
zenphoto
|
Cross-site scripting (XSS) vulnerability in function.php in Zenphoto 1.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the "request logging" feature. NO…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6925
|
2017-08-17 10:29 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260573
|
- |
|
jabber
|
exodus
|
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an x…
|
CWE-94
Code Injection
|
CVE-2008-6937
|
2017-08-17 10:29 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260574
|
- |
|
icdevgroup
|
interchange
|
Multiple cross-site scripting (XSS) vulnerabilities in Interchange 5.7 before 5.7.1, 5.6 before 5.6.1, and 5.4 before 5.4.3 allow remote attackers to inject arbitrary web script or HTML via (1) the m…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6945
|
2017-08-17 10:29 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260575
|
- |
|
michael_dehaan
|
cobbler
|
The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Pytho…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6954
|
2017-08-17 10:29 |
2009-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260576
|
- |
|
avira
|
antivir
antivir_personal
antivir_professional
antivir_security_suite
|
Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel poin…
|
CWE-20
Improper Input Validation
|
CVE-2008-6962
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260577
|
- |
|
alt-n
|
mdaemon
worldclient
|
Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a …
|
NVD-CWE-noinfo
|
CVE-2008-6967
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260578
|
- |
|
pligg
|
pligg_cms
|
Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters.
|
CWE-89
SQL Injection
|
CVE-2008-6968
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260579
|
- |
|
pentasoft_corp.
|
avactis_shopping_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in checkout.php in Avactis Shopping Cart 1.8.0 and 1.8.1 allow remote attackers to inject arbitrary web script or HTML via the (1) step_id and (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6969
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260580
|
- |
|
ubbcentral
|
ubb.threads
|
SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6970
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
