|
262021
|
- |
|
extrakt
|
extrakt_framework
|
Cross-site scripting (XSS) vulnerability in index.php in Extrakt Framework 0.7 allows remote attackers to inject arbitrary web script or HTML via the plugins[file][id] parameter. NOTE: the provenanc…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6217
|
2017-08-17 10:29 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262022
|
- |
|
drupal
|
content_construction_kit
|
Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content Construction Kit (CCK) 5.x before 5.x-1.10 and 6.x before 6.x-2.0, a module for Drupal, allows remote authen…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6229
|
2017-08-17 10:29 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262023
|
- |
|
cafuego
|
simple_document_management_system
|
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login par…
|
CWE-89
SQL Injection
|
CVE-2008-6236
|
2017-08-17 10:29 |
2009-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262024
|
- |
|
openedit
|
openedit_digital_asset_management
|
Cross-site scripting (XSS) vulnerability in archive/savedqueries/savequeryfinish.html in OpenEdit Digital Asset Management (DAM) before 5.2014 allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6238
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262025
|
- |
|
openedit
|
openedit_digital_asset_management
|
Cross-site request forgery (CSRF) vulnerability in OpenEdit Digital Asset Management (DAM) before 5.2014 allows remote attackers to perform unspecified actions as arbitrary users via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2008-6239
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262026
|
- |
|
openedit
|
openedit_digital_asset_management
|
Cross-site scripting (XSS) vulnerability in data/views/index.html in OpenEdit Digital Asset Management (DAM) before 5.2014 allows remote attackers to inject arbitrary web script or HTML via the catal…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6240
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262027
|
- |
|
infireal
|
saturncms
|
SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the URL to the translate function. NOTE: the provenance of this informa…
|
CWE-89
SQL Injection
|
CVE-2008-6262
|
2017-08-17 10:29 |
2009-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262028
|
- |
|
myktools
|
myktools
|
Directory traversal vulnerability in configuration_script.php in MyKtools 3.0 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the langage…
|
CWE-22
Path Traversal
|
CVE-2008-6273
|
2017-08-17 10:29 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262029
|
- |
|
drupal
|
user_karma_module
|
Cross-site scripting (XSS) vulnerability in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6275
|
2017-08-17 10:29 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262030
|
- |
|
drupal
|
user_karma_module
|
Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allow remote authenticated administrators to execute arbitrary S…
|
CWE-89
SQL Injection
|
CVE-2008-6276
|
2017-08-17 10:29 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
