|
263751
|
- |
|
valarsoft
|
webmatic
|
SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-2925
|
2017-08-8 10:31 |
2008-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263752
|
- |
|
ibm
|
tivoli_directory_server
|
Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary …
|
CWE-399
Resource Management Errors
|
CVE-2008-2943
|
2017-08-8 10:31 |
2008-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263753
|
- |
|
sun
|
java_system_access_manager
java_system_identity_server
|
Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-depe…
|
CWE-20
Improper Input Validation
|
CVE-2008-2945
|
2017-08-8 10:31 |
2008-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263754
|
- |
|
linux
|
direct_connect
|
Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via "partial file list requests" that trigger a NULL pointer dereference.
|
CWE-20
Improper Input Validation
|
CVE-2008-2953
|
2017-08-8 10:31 |
2008-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263755
|
- |
|
linux
|
direct_connect
|
client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via an empty private message, which triggers an out-of-bounds read.
|
CWE-20
Improper Input Validation
|
CVE-2008-2954
|
2017-08-8 10:31 |
2008-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263756
|
- |
|
checkinstall
|
checkinstall
|
Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working direct…
|
CWE-362
Race Condition
|
CVE-2008-2958
|
2017-08-8 10:31 |
2008-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263757
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2960
|
2017-08-8 10:31 |
2008-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263758
|
- |
|
drupal
|
aggregation_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2998
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263759
|
- |
|
drupal
|
aggregation_module
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2998
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263760
|
- |
|
drupal
|
aggregation_module
drupal
|
Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-2999
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
