|
260711
|
- |
|
apple
|
safari
|
Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
|
CWE-200
Information Exposure
|
CVE-2008-3171
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260712
|
- |
|
opera
|
opera
|
Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3172
|
2017-08-8 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260713
|
- |
|
sophos
|
es1000
es4000
sophos_anti-virus
sophos_puremessage_anti-virus
|
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of se…
|
CWE-16
Configuration
|
CVE-2008-3177
|
2017-08-8 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260714
|
- |
|
chipmunk_scripts
|
chipmunk_blogger
|
Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attackers to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comme…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3186
|
2017-08-8 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260715
|
- |
|
opensuse
|
zypper
|
zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before accepting repository keys, which allows remote repositories to cause a denial of service (package dat…
|
CWE-20
Improper Input Validation
|
CVE-2008-3187
|
2017-08-8 10:31 |
2008-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260716
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a …
|
CWE-352
Origin Validation Error
|
CVE-2008-3197
|
2017-08-8 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260717
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this…
|
CWE-94
Code Injection
|
CVE-2008-3198
|
2017-08-8 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260718
|
- |
|
resiprocate
|
resiprocate
|
Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow remote attackers to cause a denial of service (stack consumption) via unknown network traffic with a large "bytes-in-memory/byte…
|
CWE-20
Improper Input Validation
|
CVE-2008-3199
|
2017-08-8 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260719
|
- |
|
pagefusion
|
pagefusion
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) acct_fname and (2) acct_lname parameters i…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3201
|
2017-08-8 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260720
|
- |
|
xomol
|
xomol_cms
|
Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the current_url parameter in a tellafriend action. NOTE: the…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3202
|
2017-08-8 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
