|
259261
|
- |
|
microsoft
|
visual_interdev
|
Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long malformed Project line beginning with a '…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1709
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259262
|
- |
|
ibm
|
aix
|
Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1710
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259263
|
- |
|
terong
|
advanced_web_photo_gallery
|
Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
|
CWE-310
Cryptographic Issues
|
CVE-2008-1711
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259264
|
- |
|
mx-system
|
mxbb
|
PHP remote file inclusion vulnerability in includes/functions_weblog.php in mxBB mx_blogs 2.0.0 beta allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter.
|
CWE-94
Code Injection
|
CVE-2008-1712
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259265
|
- |
|
noticeware
|
email_server
|
MailServer.exe in NoticeWare Email Server 4.6.1.0 allows remote attackers to cause a denial of service (application crash) via a long string to IMAP port (143/tcp).
|
NVD-CWE-Other
|
CVE-2008-1713
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259266
|
- |
|
fascript
|
faphoto
|
SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1714
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259267
|
- |
|
auracms
|
auracms
|
SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1715
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259268
|
- |
|
nsoftware
|
ibiz_e-banking_integrator
|
The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz E-Banking Integrator (formerly IBiz OFX Integrator) 2.0.2932 exposes the unsafe WriteOFXDataFile method, which allows remote attac…
|
NVD-CWE-Other
|
CVE-2008-1725
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259269
|
- |
|
myknowledgequest
|
knowledgequest
|
Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext…
|
CWE-89
SQL Injection
|
CVE-2008-1726
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259270
|
- |
|
myknowledgequest
|
knowledgequest
|
KnowledgeQuest 2.5 and 2.6 does not require authentication for access to admincheck.php, which allows remote attackers to create arbitrary admin accounts.
|
CWE-287
Improper Authentication
|
CVE-2008-1727
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
