|
261911
|
- |
|
rmsoft
|
minishop_module
|
SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4433
|
2017-08-8 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261912
|
- |
|
utorrent
bittorrent
|
utorrent
bittorrent
|
Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly exec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4434
|
2017-08-8 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261913
|
- |
|
rmsoft
|
downloads_plus_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT Downloads Plus (rmdp) module 1.5 and 1.7 for Xoops allow remote attackers to inject arbitrary web script or HTML via the (1) key para…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4435
|
2017-08-8 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261914
|
- |
|
mozilla
|
bugzilla
|
Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with …
|
CWE-22
Path Traversal
|
CVE-2008-4437
|
2017-08-8 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261915
|
- |
|
datafeed_studio
|
datafeed_studio
|
Cross-site scripting (XSS) vulnerability in search.php in Datafeed Studio 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this infor…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4438
|
2017-08-8 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261916
|
- |
|
martinwood
|
datafeed_studio
|
PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio before 1.6.3 allows remote attackers to execute arbitrary PHP code via a URL in the INSTALL_FOLDER paramet…
|
CWE-94
Code Injection
|
CVE-2008-4439
|
2017-08-8 10:32 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261917
|
- |
|
positive_software
|
h-sphere
|
Cross-site scripting (XSS) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via (1) the fn parameter during a …
|
CWE-79
Cross-site Scripting
|
CVE-2008-4447
|
2017-08-8 10:32 |
2008-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261918
|
- |
|
positive_software
|
h-sphere
|
Cross-site request forgery (CSRF) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including fil…
|
CWE-352
Origin Validation Error
|
CVE-2008-4448
|
2017-08-8 10:32 |
2008-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261919
|
- |
|
apache_friends
|
xampp
|
Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for Windows 1.6.8 allows remote attackers to inject arbitrary web script or HTML via the (1) dbserver, (2) host, (3) user, (4) password,…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4450
|
2017-08-8 10:32 |
2008-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261920
|
- |
|
extrovert_software
|
thyme
|
SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of thes…
|
CWE-89
SQL Injection
|
CVE-2008-4459
|
2017-08-8 10:32 |
2008-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
