|
263911
|
- |
|
xigla
|
absolute_image_gallery_xe
|
SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action.
|
CWE-89
SQL Injection
|
CVE-2008-2765
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263912
|
- |
|
xigla
|
absolute_image_gallery_xe
|
Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Gallery XE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) admin/search.asp and (2) gall…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2766
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263913
|
- |
|
xigla
|
absolute_poll_manager_xe
|
SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2767
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263914
|
- |
|
xigla
|
absolute_poll_manager_xe
|
Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to inject arbitrary web script or HTML via u…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2768
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263915
|
- |
|
drupal
|
drupal
node_hierarchy_module
|
The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2771
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263916
|
- |
|
drupal
|
magic_tabs_module
|
The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."
|
CWE-94
Code Injection
|
CVE-2008-2772
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263917
|
- |
|
drupal
|
taxonomy_image_module
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Image module 5.x before 5.x-1.3 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2773
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263918
|
- |
|
dt_centrepiece
|
dt_centrepiece
|
SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to execute arbitrary SQL commands via the searchFor parameter. NOTE: the provenance of this information is unk…
|
CWE-89
SQL Injection
|
CVE-2008-2775
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263919
|
- |
|
dt_centrepiece
|
dt_centrepiece
|
Cross-site scripting (XSS) vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to inject arbitrary web script or HTML via the searchFor parameter. NOTE: the provenance of this …
|
CWE-79
Cross-site Scripting
|
CVE-2008-2776
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263920
|
- |
|
luca_corbo
|
ortro
|
Cross-site scripting (XSS) vulnerability in Ortro before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2777
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
