|
256411
|
- |
|
micgr
|
mic_blog
|
Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to category.php, the (2…
|
CWE-89
SQL Injection
|
CVE-2008-6805
|
2017-09-29 10:33 |
2009-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256412
|
- |
|
7-shop
|
7shop
|
Unrestricted file upload vulnerability in includes/imageupload.php in 7Shop 1.1 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then ac…
|
CWE-20
Improper Input Validation
|
CVE-2008-6806
|
2017-09-29 10:33 |
2009-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256413
|
- |
|
scripts-for-sites
|
ez_link_directory
|
SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ Link Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
|
CWE-89
SQL Injection
|
CVE-2008-6808
|
2017-09-29 10:33 |
2009-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256414
|
- |
|
bookingcentre
|
booking_system_for_hotels_group
|
SQL injection vulnerability in hotel_habitaciones.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allows remote attackers to execute arbitrary SQL commands via the HotelID paramet…
|
CWE-89
SQL Injection
|
CVE-2008-6809
|
2017-09-29 10:33 |
2009-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256415
|
- |
|
bookingcentre
|
booking_system_for_hotels_group
|
Multiple SQL injection vulnerabilities in admin/checklogin.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allow remote attackers to execute arbitrary SQL commands via the (1) myu…
|
CWE-89
SQL Injection
|
CVE-2008-6810
|
2017-09-29 10:33 |
2009-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256416
|
- |
|
instinct
|
e-commerce_plugin
|
Unrestricted file upload vulnerability in image_processing.php in the e-Commerce Plugin 3.4 and earlier for Wordpress allows remote attackers to execute arbitrary code by uploading a file with an exe…
|
NVD-CWE-Other
|
CVE-2008-6811
|
2017-09-29 10:33 |
2009-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256417
|
- |
|
surat_kabar
|
phpwebnews
|
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6812
|
2017-09-29 10:33 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256418
|
- |
|
surat_kabar
|
phpwebnews
|
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6813
|
2017-09-29 10:33 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256419
|
- |
|
jan_de_graaff
|
com_simpleboard
|
Unrestricted file upload vulnerability in image_upload.php in the SimpleBoard (com_simpleboard) component 1.0.1 and earlier for Mambo allows remote attackers to execute arbitrary code by uploading a …
|
CWE-20
Improper Input Validation
|
CVE-2008-6814
|
2017-09-29 10:33 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256420
|
- |
|
myktools
|
myktools
|
mykdownload.php in MyKtools 2.4 does not require administrative authentication, which allows remote attackers to read a database backup by making a direct request, and then sending an unspecified req…
|
CWE-287
Improper Authentication
|
CVE-2008-6815
|
2017-09-29 10:33 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
