|
263471
|
- |
|
blogn
|
blogn
|
Cross-site request forgery (CSRF) vulnerability in Blogn (BURO GUN) 1.9.7 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make content modificati…
|
CWE-352
Origin Validation Error
|
CVE-2008-3885
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263472
|
- |
|
dotproject
|
dotproject
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in dotProject 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the inactive parameter in a tasks action, (2…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3886
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263473
|
- |
|
dotproject
|
dotproject
|
Multiple SQL injection vulnerabilities in index.php in dotProject 2.1.2 allow (1) remote authenticated users to execute arbitrary SQL commands via the tab parameter in a projects action, and (2) remo…
|
CWE-89
SQL Injection
|
CVE-2008-3887
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263474
|
- |
|
dotproject
|
dotproject
|
http://secunia.com/advisories/31681:
"Successful exploitation of this vulnerability allows e.g. retrieval of administrator usernames and password hashes, but requires valid user credentials."
…
|
CWE-89
SQL Injection
|
CVE-2008-3887
|
2017-08-8 10:32 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263475
|
- |
|
freebsd
|
freebsd
|
The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3890
|
2017-08-8 10:32 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263476
|
- |
|
asterisk
trixbox
|
p_b_x
pbx
|
Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1.6.0.x before 1.6.0.8; Asterisk Business Edition A.x.x, B.x.x before B.2.5.8, C.1.x.x before C.1.10.5, and C.2.x.x before C.2.3.3…
|
CWE-200
Information Exposure
|
CVE-2008-3903
|
2017-08-8 10:32 |
2008-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263477
|
- |
|
asterisk
trixbox
|
p_b_x
pbx
|
Additional details can be found here: http://www.voipsa.org/pipermail/voipsec_voipsa.org/2006-May/001628.html
|
CWE-200
Information Exposure
|
CVE-2008-3903
|
2017-08-8 10:32 |
2008-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263478
|
- |
|
lxde
|
gpicview
lightweight_x11_desktop_environment
|
src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.
|
CWE-20
Improper Input Validation
|
CVE-2008-3904
|
2017-08-8 10:32 |
2008-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263479
|
- |
|
newsbeuter
|
newsbeuter
|
The open-in-browser command in newsbeuter before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a feed URL.
|
CWE-20
Improper Input Validation
|
CVE-2008-3907
|
2017-08-8 10:32 |
2008-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263480
|
- |
|
newsbeuter
|
newsbeuter
|
http://www.openwall.com/lists/oss-security/2008/09/01/4
"The previous version allowed to execute arbitrary code by a
crafted feed URL that is passed as a command line parameter
if the URL is o…
|
CWE-20
Improper Input Validation
|
CVE-2008-3907
|
2017-08-8 10:32 |
2008-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
