|
260501
|
- |
|
yellowswordfish
|
simple_forum
|
SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. NOTE: this…
|
CWE-89
SQL Injection
|
CVE-2008-7040
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260502
|
- |
|
natterchat
|
natterchat
|
Multiple cross-site scripting (XSS) vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the (1) txtUsername parameter to registerDo.asp, as invoked fr…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7048
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260503
|
- |
|
raidsonic
|
icy_box_nas
|
userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allows remote attackers to bypass authentication and gain administrator privileges by setting the login parameter to admin. NOTE: the…
|
CWE-287
Improper Authentication
|
CVE-2008-7081
|
2017-08-17 10:29 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260504
|
- |
|
unica
|
affinium_campaign
|
Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) Page…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7092
|
2017-08-17 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260505
|
- |
|
unica
|
affinium_campaign
|
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new…
|
CWE-22
Path Traversal
|
CVE-2008-7093
|
2017-08-17 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260506
|
- |
|
unica
|
affinium_campaign
|
Campaign/CampaignListener in the listener server in Unica Affinium Campaign 7.2.1.0.55 allows remote attackers to cause a denial of service (server crash) via a crafted length field that triggers (1)…
|
CWE-399
Resource Management Errors
|
CVE-2008-7094
|
2017-08-17 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260507
|
- |
|
intel
|
bios
|
Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain addi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7096
|
2017-08-17 10:29 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260508
|
- |
|
dotnetnuke
|
dotnetnuke
|
Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user action…
|
NVD-CWE-noinfo
|
CVE-2008-7100
|
2017-08-17 10:29 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260509
|
- |
|
dotnetnuke
|
dotnetnuke
|
Unspecified vulnerability in DotNetNuke 4.0 through 4.8.4 and 5.0 allows remote attackers to obtain sensitive information (portal number) by accessing the install wizard page via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2008-7101
|
2017-08-17 10:29 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260510
|
- |
|
dotnetnuke
|
dotnetnuke
|
DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.
|
CWE-20
Improper Input Validation
|
CVE-2008-7102
|
2017-08-17 10:29 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
