|
261911
|
- |
|
bluecube
|
bluecube_cms
|
SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6026
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261912
|
- |
|
achievo
|
achievo
|
Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter. NOTE: the provenance of this inf…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6034
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261913
|
- |
|
achievo
|
achievo
|
Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6035
|
2017-08-8 10:33 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261914
|
- |
|
preprojects
|
pre_e-learning_portal
|
PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6052
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261915
|
- |
|
preprojects
|
pre_resume_submitter
|
PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6053
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261916
|
- |
|
preprojects.com
|
pre_courier_and_cargo_business
|
PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6054
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261917
|
- |
|
webkit
|
webkit
|
xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6059
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261918
|
- |
|
meet\#web
|
meet\#web
|
Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) modules.php, (2) ManagerResource.cl…
|
CWE-94
Code Injection
|
CVE-2008-6066
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261919
|
- |
|
graphicsmagick
|
graphicsmagick
|
Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arb…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6070
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261920
|
- |
|
graphicsmagick
|
graphicsmagick
|
Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possib…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6071
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
