|
256721
|
- |
|
cmsnx
|
feedback_and_rating_script
|
SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2277
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256722
|
- |
|
freelanceauction
|
freelance_auction_script
|
SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action.
|
CWE-89
SQL Injection
|
CVE-2008-2278
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256723
|
- |
|
freelance_auction
|
freelance_auction_script
|
Freelance Auction Script 1.0 stores user passwords in plaintext in the tbl_users table, which allows attackers to gain privileges by reading the table.
|
CWE-255
Credentials Management
|
CVE-2008-2279
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256724
|
- |
|
thomas_voecking
|
internet_photoshow
|
admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote attackers to bypass authentication by setting the login_admin cookie to true.
|
CWE-287
Improper Authentication
|
CVE-2008-2282
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256725
|
- |
|
idautomation
|
aztec_barcode
datamatrix_barcode
linear_barcode
pdf417_barcode
|
IDAutomation allows remote attackers to overwrite arbitrary files via the argument to the (1) SaveBarCode and (2) SaveEnhWMF methods in (a) the IDAuto.BarCode.1 ActiveX control in IDAutomationLinear6…
|
CWE-20
Improper Input Validation
|
CVE-2008-2283
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256726
|
- |
|
net-snmp
|
net-snmp
|
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2292
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256727
|
- |
|
tpvgames
|
mpcs
|
admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2293
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256728
|
- |
|
mreaves
|
pet_grooming_management_system
|
Pet Grooming Management System 2.0 allows remote attackers to gain privileges via a direct request to useradded.php with a modified user name for "admin."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2294
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256729
|
- |
|
rgboard
|
rgboard
|
Cross-site scripting (XSS) vulnerability in rg_search.php in Rgboard 3.0.12, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the s_text parameter and…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2295
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256730
|
- |
|
rgboard
|
rgboard
|
PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in Rgboard 3.0.12 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter.
|
CWE-94
Code Injection
|
CVE-2008-2296
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
