|
260821
|
- |
|
xine
|
xine-lib
|
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
|
CWE-189
Numeric Errors
|
CVE-2008-0073
|
2017-08-8 10:29 |
2008-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260822
|
- |
|
eticket
|
eticket
|
Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 RC2 and RC3, allow remote attackers to inject arbitrary web script or HTML via the (1) Name and (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0093
|
2017-08-8 10:29 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260823
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 allows remote authenticated users to inject arbitrary web script or HTML via (1) the "Real name" field in Personal Setti…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0124
|
2017-08-8 10:29 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260824
|
- |
|
instantsoftwares
|
dating_site
|
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE…
|
CWE-89
SQL Injection
|
CVE-2008-0130
|
2017-08-8 10:29 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260825
|
- |
|
php
|
php
|
Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-…
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0145
|
2017-08-8 10:29 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260826
|
- |
|
pragma_systems
|
pragma_telnetserver
|
telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT PRAGMA LOGON telnet option, which trigge…
|
CWE-399
Resource Management Errors
|
CVE-2008-0153
|
2017-08-8 10:29 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260827
|
- |
|
linux
|
linux_kernel
|
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
|
CWE-59
Link Following
|
CVE-2008-0163
|
2017-08-8 10:29 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260828
|
- |
|
ikiwiki
|
ikiwiki
|
Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 allows remote attackers to modify user preferences, including passwords, via the (1) preferences and (2) edit forms.
|
CWE-352
Origin Validation Error
|
CVE-2008-0165
|
2017-08-8 10:29 |
2008-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260829
|
- |
|
gforge
|
gforge
|
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass inten…
|
CWE-59
Link Following
|
CVE-2008-0167
|
2017-08-8 10:29 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260830
|
- |
|
ikiwiki
|
ikiwiki
|
Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and login to any account for which an OpenID identity is configured…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0169
|
2017-08-8 10:29 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
