|
262001
|
- |
|
hispah
|
text_links_ads
|
SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to execute arbitrary SQL commands via the idtl parameter in a buy action. NOTE: the provenance of this i…
|
CWE-89
SQL Injection
|
CVE-2008-6155
|
2017-08-17 10:29 |
2009-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262002
|
- |
|
w3bcms
|
w3b\>cms
|
Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0 have unknown impact and remote attack vectors.
|
NVD-CWE-noinfo
|
CVE-2008-6158
|
2017-08-17 10:29 |
2009-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262003
|
- |
|
drupal
|
semantically_interconnected_online_communities
|
Semantically-Interconnected Online Communities (SIOC) 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, does not properly implement menu and database APIs, which allows remote attackers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6160
|
2017-08-17 10:29 |
2009-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262004
|
- |
|
drupal
|
localization_client
localization_server
|
Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x before 5.x-1.1 and 6.x before 6.x-1.6 and the Localization server 5.x before 5.x-1.0-alpha5 and 6.x before 6.x-alpha2, m…
|
CWE-352
Origin Validation Error
|
CVE-2008-6169
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262005
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6170
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262006
|
- |
|
drupal
|
drupal
|
includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the…
|
CWE-16
CWE-20
Configuration
Improper Input Validation
|
CVE-2008-6171
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262007
|
- |
|
clip-share
|
clipshare
|
Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6173
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262008
|
- |
|
jetbox
|
jetbox_cms
|
Cross-site scripting (XSS) vulnerability in admin/postlister/index.php in Jetbox CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via the liste parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6174
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262009
|
- |
|
gforge
|
gforge
|
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, whi…
|
CWE-89
SQL Injection
|
CVE-2008-6189
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262010
|
- |
|
eeb-welt
|
eebcms
|
Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6190
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
