|
256741
|
- |
|
codeavalanche
|
ratemysite
|
CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator pas…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5896
|
2017-09-29 10:32 |
2009-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256742
|
- |
|
codeavalanche
|
freewallpaper
|
CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5897
|
2017-09-29 10:32 |
2009-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256743
|
- |
|
codeavalanche
|
directory
|
CodeAvalanche Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator pass…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5898
|
2017-09-29 10:32 |
2009-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256744
|
- |
|
codeavalanche
|
freeforall
|
CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator pas…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5899
|
2017-09-29 10:32 |
2009-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256745
|
- |
|
codeavalanche
|
articles
|
CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator passw…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5900
|
2017-09-29 10:32 |
2009-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256746
|
- |
|
iyziforum
|
iyzi_forum
|
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5901
|
2017-09-29 10:32 |
2009-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256747
|
- |
|
mozilla
|
firefox
seamonkey
|
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only…
|
NVD-CWE-Other
|
CVE-2008-5913
|
2017-09-29 10:32 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256748
|
- |
|
tigris
|
websvn
|
Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INF…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5918
|
2017-09-29 10:32 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256749
|
- |
|
tigris
|
websvn
|
Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in th…
|
CWE-22
Path Traversal
|
CVE-2008-5919
|
2017-09-29 10:32 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256750
|
- |
|
tigris
|
websvn
|
The create_anchors function in utils.inc in WebSVN 1.x allows remote attackers to execute arbitrary PHP code via a crafted username that is processed by the preg_replace function with the eval switch.
|
CWE-94
Code Injection
|
CVE-2008-5920
|
2017-09-29 10:32 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
