|
256591
|
- |
|
katywhitton
|
rankem
|
SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5588
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256592
|
- |
|
katywhitton
|
rankem
|
SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtp…
|
CWE-89
SQL Injection
|
CVE-2008-5589
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256593
|
- |
|
kalptaru_infotech
|
product_sale_framework
|
SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0.1 beta allows remote attackers to execute arbitrary SQL commands via the forum_topic_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5590
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256594
|
- |
|
iwrite
|
nightfall_personal_diary
|
Cross-site scripting (XSS) vulnerability in login.asp in Nightfall Personal Diary 1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter and possibly other "log…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5591
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256595
|
- |
|
iwrite
|
nightfall_personal_diary
|
Nightfall Personal Diary 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for use…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5592
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256596
|
- |
|
bpowerhouse
|
mini_cms
|
Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parame…
|
CWE-22
Path Traversal
|
CVE-2008-5593
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256597
|
- |
|
bpowerhouse
|
mini_blog
|
Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin param…
|
CWE-22
Path Traversal
|
CVE-2008-5594
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256598
|
- |
|
aspapps
|
asp_autodealer
|
SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5595
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256599
|
- |
|
dotnetindex
|
ikon_admanager
|
Ikon AdManager 2.1 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5596
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256600
|
- |
|
cold_bbs
|
cold_bbs
|
Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for db/cforum.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5597
|
2017-09-29 10:32 |
2008-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
