|
262021
|
- |
|
ibm
|
lotus_connections
|
Multiple SQL injection vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via the sortField parameter to unspecified components. NOTE:…
|
CWE-89
SQL Injection
|
CVE-2008-4806
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262022
|
- |
|
ibm
|
lotus_connections
|
IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the…
|
CWE-255
Credentials Management
|
CVE-2008-4807
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262023
|
- |
|
ibm
|
lotus_connections
|
IBM Lotus Connections 2.x before 2.0.1 allows attackers to discover passwords via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third…
|
CWE-200
Information Exposure
|
CVE-2008-4808
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262024
|
- |
|
ibm
|
lotus_connections
|
Multiple unspecified vulnerabilities in the Profiles search pages in IBM Lotus Connections 2.x before 2.0.1 have unknown impact and attack vectors related to "Active" content. NOTE: the provenance o…
|
NVD-CWE-noinfo
|
CVE-2008-4809
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262025
|
- |
|
smarty
|
smarty
|
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dolla…
|
CWE-94
Code Injection
|
CVE-2008-4810
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262026
|
- |
|
smarty
|
smarty
|
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ (b…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4811
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262027
|
- |
|
rpath
|
initscripts
|
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue ex…
|
CWE-59
Link Following
|
CVE-2008-4832
|
2017-08-8 10:32 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262028
|
- |
|
ffmpeg
|
ffmpeg
|
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4866
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262029
|
- |
|
ffmpeg
|
ffmpeg
|
Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_S…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4867
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262030
|
- |
|
ffmpeg
|
ffmpeg
|
Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random po…
|
NVD-CWE-noinfo
|
CVE-2008-4868
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
