|
256791
|
- |
|
bigace
|
bigace
|
Multiple PHP remote file inclusion vulnerabilities in BigACE 2.4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[_BIGACE][DIR][add…
|
CWE-94
Code Injection
|
CVE-2008-2520
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256792
|
- |
|
yabsoft
|
mega_file_hosting_script
|
SQL injection vulnerability in members.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote authenticated users to execute arbitrary SQL commands via the fid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2521
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256793
|
- |
|
haudenschilt
|
battlenet_clan_script
|
SQL injection vulnerability in members.php in Battle.net Clan Script for PHP 1.5.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sh…
|
CWE-89
SQL Injection
|
CVE-2008-2522
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256794
|
- |
|
advanced_links_management
|
advanced_links_management
|
SQL injection vulnerability in read.php in Advanced Links Management (ALM) 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2529
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256795
|
- |
|
quickupcms
|
quickupcms
|
Multiple SQL injection vulnerabilities in Concepts & Solutions QuickUpCMS allow remote attackers to execute arbitrary SQL commands via the (1) nr parameter to (a) frontend/news.php, the (2) id parame…
|
CWE-89
SQL Injection
|
CVE-2008-2530
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256796
|
- |
|
aj_square
|
aj_hyip
|
SQL injection vulnerability in forum/topic_detail.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2532
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256797
|
- |
|
fkrauthan
|
phoenix_view_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ltarget parameter to (a) admin…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2533
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256798
|
- |
|
fkrauthan
|
phoenix_view_cms
|
Directory traversal vulnerability in admin/admin_frame.php in Phoenix View CMS Pre Alpha2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lt…
|
CWE-22
Path Traversal
|
CVE-2008-2534
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256799
|
- |
|
fkrauthan
|
phoenix_view_cms
|
Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admi…
|
CWE-89
SQL Injection
|
CVE-2008-2535
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256800
|
- |
|
yabsoft
|
advanced_image_hosting_script
|
SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2536
|
2017-09-29 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
