|
258371
|
- |
|
phprisk
|
netrisk
|
NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote attackers to change the password of arbitrary users via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7155
|
2017-08-17 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258372
|
- |
|
numarasoftware
|
footprints
|
Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) transcriptFile parameter to MRcgi/MRchat.pl or (2) …
|
CWE-78
OS Command
|
CVE-2008-7158
|
2017-08-17 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258373
|
- |
|
silcnet
|
silc_toolkit
|
The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly ex…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2008-7159
|
2017-08-17 10:29 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258374
|
- |
|
heroshare
|
hero_super_player_3000
|
Buffer overflow in Hero Super Player 3000 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in a .M3U file. NOTE: this might be rel…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-7162
|
2017-08-17 10:29 |
2009-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258375
|
- |
|
ryo-oh-ki
|
shareaza
|
Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have unknown impact and attack vectors related to "very important security fixes," possibly involving update notifications and a domain…
|
NVD-CWE-noinfo
|
CVE-2008-7164
|
2017-08-17 10:29 |
2009-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258376
|
- |
|
uusee
|
uusee
uuupgrade.ocx
|
Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to t…
|
NVD-CWE-Other
|
CVE-2008-7168
|
2017-08-17 10:29 |
2009-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258377
|
- |
|
evacms
|
eva_cms
|
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the eva[caminho] parame…
|
CWE-94
Code Injection
|
CVE-2008-7183
|
2017-08-17 10:29 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258378
|
- |
|
fujitsu
|
interstage_application_server
|
Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server 5.0, 7.0, 7.0.1, and 8.0.0 for Windows, allows attackers to cause a denial of service via a craft…
|
NVD-CWE-noinfo
|
CVE-2008-7194
|
2017-08-17 10:29 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258379
|
- |
|
fujitsu
|
interstage_application_server
|
Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server Enterprise Edition 7.0.1 for Solaris, allows attackers to cause a denial of service via unknown v…
|
NVD-CWE-noinfo
|
CVE-2008-7195
|
2017-08-17 10:29 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258380
|
- |
|
virtuemart
|
virtuemart
|
Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2008-7204
|
2017-08-17 10:29 |
2009-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
