|
263451
|
- |
|
phpizabi
|
phpizabi
|
Cross-site scripting (XSS) vulnerability in index.php in PHPizabi before 848 Core HotFix Pack 3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a blogs.searc…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3735
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263452
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the a…
|
CWE-352
Origin Validation Error
|
CVE-2008-3736
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263453
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete fi…
|
CWE-94
Code Injection
|
CVE-2008-3737
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263454
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3739
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263455
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the output filter in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3740
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263456
|
- |
|
drupal
|
drupal
|
The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by a web browser, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks b…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3741
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263457
|
- |
|
drupal
|
drupal
|
Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an execu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3742
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263458
|
- |
|
drupal
|
drupal
|
Multiple cross-site request forgery (CSRF) vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token valid…
|
CWE-352
Origin Validation Error
|
CVE-2008-3743
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263459
|
- |
|
drupal
|
drupal
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add…
|
CWE-352
Origin Validation Error
|
CVE-2008-3744
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263460
|
- |
|
drupal
|
drupal
upload_module
|
The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3745
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
