|
260441
|
- |
|
e107
|
e107
|
Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote attackers to inject arbitrary web script or HTML via the (1) author_name, (2) itemtitle, and (3) item param…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6208
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260442
|
- |
|
mcgallerypro
|
mcgallery
|
Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6211
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260443
|
- |
|
php-stats
|
php-stats
|
Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats 0.1.9.1 allows remote attackers to inject arbitrary web script or HTML via the (1) sel_mese and (2) sel_anno parameters in a systems…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6212
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260444
|
- |
|
extrakt
|
extrakt_framework
|
Cross-site scripting (XSS) vulnerability in index.php in Extrakt Framework 0.7 allows remote attackers to inject arbitrary web script or HTML via the plugins[file][id] parameter. NOTE: the provenanc…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6217
|
2017-08-17 10:29 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260445
|
- |
|
drupal
|
content_construction_kit
|
Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content Construction Kit (CCK) 5.x before 5.x-1.10 and 6.x before 6.x-2.0, a module for Drupal, allows remote authen…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6229
|
2017-08-17 10:29 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260446
|
- |
|
cafuego
|
simple_document_management_system
|
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login par…
|
CWE-89
SQL Injection
|
CVE-2008-6236
|
2017-08-17 10:29 |
2009-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260447
|
- |
|
openedit
|
openedit_digital_asset_management
|
Cross-site scripting (XSS) vulnerability in archive/savedqueries/savequeryfinish.html in OpenEdit Digital Asset Management (DAM) before 5.2014 allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6238
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260448
|
- |
|
openedit
|
openedit_digital_asset_management
|
Cross-site request forgery (CSRF) vulnerability in OpenEdit Digital Asset Management (DAM) before 5.2014 allows remote attackers to perform unspecified actions as arbitrary users via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2008-6239
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260449
|
- |
|
openedit
|
openedit_digital_asset_management
|
Cross-site scripting (XSS) vulnerability in data/views/index.html in OpenEdit Digital Asset Management (DAM) before 5.2014 allows remote attackers to inject arbitrary web script or HTML via the catal…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6240
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260450
|
- |
|
infireal
|
saturncms
|
SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the URL to the translate function. NOTE: the provenance of this informa…
|
CWE-89
SQL Injection
|
CVE-2008-6262
|
2017-08-17 10:29 |
2009-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
