|
261681
|
- |
|
xen
|
xen
xen_flask_module
|
Heap-based buffer overflow in the flask_security_label function in Xen 3.3, when compiled with the XSM:FLASK module, allows unprivileged domain users (domU) to execute arbitrary code via the flask_op…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3687
|
2017-08-8 10:32 |
2008-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261682
|
- |
|
amarok
|
amarok
|
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_…
|
CWE-59
Link Following
|
CVE-2008-3699
|
2017-08-8 10:32 |
2008-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261683
|
- |
|
kayako
|
supportsuite
|
Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite 3.20.02 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the sessionid parameter in a lives…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3700
|
2017-08-8 10:32 |
2008-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261684
|
- |
|
kayako
|
supportsuite
|
SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a …
|
CWE-89
SQL Injection
|
CVE-2008-3701
|
2017-08-8 10:32 |
2008-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261685
|
- |
|
echovnc
|
echovnc
|
Stack-based buffer overflow in the CLogger::WriteFormated function in echoware/Logger.cpp in EchoVNC Linux before 1.1.2 allows remote echoServers to execute arbitrary code via a large (1) group or (2…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3705
|
2017-08-8 10:32 |
2008-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261686
|
- |
|
hotscripts
|
cyboards_php_lite
|
Multiple PHP remote file inclusion vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to execute arbitrary PHP code via a URL in the script_path parameter to (1) flat_read.php, (2) post…
|
CWE-94
Code Injection
|
CVE-2008-3707
|
2017-08-8 10:32 |
2008-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261687
|
- |
|
hotscripts
|
cyboards_php_lite
|
Multiple cross-site scripting (XSS) vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to inject arbitrary web script or HTML via the (1) lOptionsOptions, (2) lNavAdminOptions, or (3) l…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3709
|
2017-08-8 10:32 |
2008-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261688
|
- |
|
hotscripts
|
cyboards_php_lite
|
Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path par…
|
CWE-22
Path Traversal
|
CVE-2008-3710
|
2017-08-8 10:32 |
2008-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261689
|
- |
|
hotscripts
|
cyboards_php_lite
|
In order to exploit this vulnerability to execute arbitrary code, the attacker would first be required to upload a malicious file or inject arbitrary commands into an existing file and register_globa…
|
CWE-22
Path Traversal
|
CVE-2008-3710
|
2017-08-8 10:32 |
2008-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261690
|
- |
|
awstats
|
awstats
|
Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the query_string, a different vulnerability than CVE-2006-3681…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3714
|
2017-08-8 10:32 |
2008-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
