|
263641
|
- |
|
jv2
|
quick_gallery
|
Cross-site scripting (XSS) vulnerability in index.php in JV2 Quick Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the f parameter. NOTE: the provenance of this inform…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1636
|
2017-08-8 10:30 |
2008-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263642
|
- |
|
nik_software_inc
|
nik_sharpener_pro
|
Nik Sharpener Pro, possibly 2.0, uses world-writable permissions for plug-in files, which allows local users to gain privileges by replacing a plug-in with a Trojan horse.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1638
|
2017-08-8 10:30 |
2008-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263643
|
- |
|
savas_place
|
savas_guestbook
|
Directory traversal vulnerability in index.php in Sava's GuestBook 2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter. …
|
CWE-22
Path Traversal
|
CVE-2008-1642
|
2017-08-8 10:30 |
2008-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263644
|
- |
|
landesk_software
|
landesk_management_suite
|
Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.exe) in LANDesk Management Suite (LDMS) 8.7 SP5 and earlier and 8.8 allows remote attackers to read arbitrary files via unspecified…
|
CWE-22
Path Traversal
|
CVE-2008-1643
|
2017-08-8 10:30 |
2008-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263645
|
- |
|
savas_place
|
savas_link_manager
|
SQL injection vulnerability in viewlinks.php in Sava's Link Manager 2.0 allows remote attackers to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information…
|
CWE-89
SQL Injection
|
CVE-2008-1644
|
2017-08-8 10:30 |
2008-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263646
|
- |
|
sympa
|
sympa
|
Sympa before 5.4 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message with a malformed value of the Content-Type header and unspecified other headers. NOTE: some…
|
CWE-20
Improper Input Validation
|
CVE-2008-1648
|
2017-08-8 10:30 |
2008-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263647
|
- |
|
perlbal
|
perlbal
|
Directory traversal vulnerability in the _serve_request_multiple function in lib/Perlbal/ClientHTTPBase.pm in Perlbal before 1.70, when concat get is enabled, allows remote attackers to read arbitrar…
|
CWE-22
Path Traversal
|
CVE-2008-1652
|
2017-08-8 10:30 |
2008-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263648
|
- |
|
savas_place
|
savas_link_manager
|
Directory traversal vulnerability in index.php in Sava's Link Manager 2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the q parameter. N…
|
CWE-22
Path Traversal
|
CVE-2008-1653
|
2017-08-8 10:30 |
2008-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263649
|
- |
|
adobe
|
coldfusion
|
Adobe ColdFusion 8 and 8.0.1 does not properly implement the public access level for CFC methods, which allows remote attackers to invoke these methods via Flex 2 remoting, a different vulnerability …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1656
|
2017-08-8 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263650
|
- |
|
hp
|
storageworks_storage_mirroring
|
Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1661
|
2017-08-8 10:30 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
