|
260601
|
- |
|
opennms
|
opennms
|
Cross-site scripting (XSS) vulnerability in surveillanceView.htm in OpenNMS 1.5.94 allows remote attackers to inject arbitrary web script or HTML via the viewName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6095
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260602
|
- |
|
wikyblog
|
wikyblog
|
Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before 1.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to index.php/Special/Main/keywordS…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6097
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260603
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other versions after 2.17.4 allows remote authenticated users to bypass moderation to approve and disapprove…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6098
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260604
|
- |
|
a4desk
|
a4desk_flash_event_calendar
|
PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the v parameter.
|
CWE-94
Code Injection
|
CVE-2008-6103
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260605
|
- |
|
linux
|
linux_kernel
|
The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/…
|
CWE-399
Resource Management Errors
|
CVE-2008-6107
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260606
|
- |
|
shelter_manager
|
animal_shelter_manager
|
Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not properly enforce the privileges of user accounts, which allows local users to bypass intended access restrictions by (1) opening…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6109
|
2017-08-8 10:33 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260607
|
- |
|
semanticscuttle
|
semanticscuttle
|
Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.90 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the (1) username and (2) pro…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6113
|
2017-08-8 10:33 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260608
|
- |
|
goople_cms
|
goople_cms
|
Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) userna…
|
CWE-20
Improper Input Validation
|
CVE-2008-6119
|
2017-08-8 10:33 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260609
|
- |
|
socialengine
|
socialengine
|
SQL injection vulnerability in profile_comments.php in SocialEngine (SE) 2.7 and earlier allows remote attackers to execute arbitrary SQL commands via the comment_secure parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6120
|
2017-08-8 10:33 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260610
|
- |
|
socialengine
|
socialengine
|
CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the PHPSESSID cookie.
|
CWE-20
Improper Input Validation
|
CVE-2008-6121
|
2017-08-8 10:33 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
