|
260481
|
- |
|
ott
|
phpcksec
|
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6609
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260482
|
- |
|
ott
|
phpcksec
|
Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file param…
|
CWE-22
Path Traversal
|
CVE-2008-6610
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260483
|
- |
|
zen-cart
|
zen_cart
|
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: t…
|
CWE-89
SQL Injection
|
CVE-2008-6615
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260484
|
- |
|
zen-cart
|
zen_cart
|
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_res…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6616
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260485
|
- |
|
grafxsoftware
|
minicwb
|
Multiple cross-site scripting (XSS) vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php in GraFX miniCWB 2.1.1 and earlier allow remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6620
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260486
|
- |
|
typo3
|
wt_gallery
|
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vecto…
|
CWE-22
Path Traversal
|
CVE-2008-6630
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260487
|
- |
|
blogphp
|
blogphp
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter in a sendmessage action and th…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6631
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260488
|
- |
|
libraryvideocompany
|
safari_montage
|
Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) school and …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6637
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260489
|
- |
|
ajaxplorer
|
ajaxplorer
|
Cross-site request forgery (CSRF) vulnerability in admin.php in AjaXplorer 2.3.3 and 2.3.4 allows remote attackers to hijack the authentication of administrators for requests that modify passwords vi…
|
CWE-352
Origin Validation Error
|
CVE-2008-6639
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260490
|
- |
|
aspindir
|
batmanportal
|
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of t…
|
CWE-89
SQL Injection
|
CVE-2008-6640
|
2017-08-17 10:29 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
