|
260711
|
- |
|
firebird
|
firebird
|
The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authe…
|
CWE-255
Credentials Management
|
CVE-2008-1880
|
2017-08-8 10:30 |
2008-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260712
|
- |
|
wikepage
|
opus
|
Directory traversal vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to read arbitrary files via directory traversal sequences in the wiki parameter, a different vector t…
|
CWE-22
Path Traversal
|
CVE-2008-1884
|
2017-08-8 10:30 |
2008-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260713
|
- |
|
azrul
|
jom_comment
|
SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this inf…
|
CWE-89
SQL Injection
|
CVE-2008-1890
|
2017-08-8 10:30 |
2008-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260714
|
- |
|
ruby-lang
|
ruby
|
Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT file…
|
CWE-22
Path Traversal
|
CVE-2008-1891
|
2017-08-8 10:30 |
2008-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260715
|
- |
|
blogator_script
|
blogator_script
|
Cross-site scripting (XSS) vulnerability in bs_auth.php in Blogator-script 0.95 and 1.01 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1892
|
2017-08-8 10:30 |
2008-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260716
|
- |
|
w2b
|
online_banking
|
PHP remote file inclusion vulnerability in index.php in W2B Online Banking allows remote attackers to execute arbitrary PHP code via a URL in the ilang parameter.
|
CWE-94
Code Injection
|
CVE-2008-1893
|
2017-08-8 10:30 |
2008-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260717
|
- |
|
businessobjects
|
infoview
|
Cross-site scripting (XSS) vulnerability in desktoplaunch/InfoView/logon/logon.object in BusinessObjects InfoView XI R2 SP1, SP2, and SP3 Java version before FixPack 3.5 allows remote attackers to in…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1894
|
2017-08-8 10:30 |
2008-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260718
|
- |
|
debian
|
aptlinex
|
aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file.
|
CWE-59
Link Following
|
CVE-2008-1901
|
2017-08-8 10:30 |
2008-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260719
|
- |
|
debian
|
aptlinex
|
The GUI for aptlinex before 0.91 does not sufficiently warn the user of potentially dangerous actions, which allows remote attackers to remove or modify packages via an apt:// URL.
|
NVD-CWE-Other
|
CVE-2008-1902
|
2017-08-8 10:30 |
2008-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260720
|
- |
|
nero
|
mediahome
nero
|
NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via…
|
CWE-20
Improper Input Validation
|
CVE-2008-1905
|
2017-08-8 10:30 |
2008-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
