|
256531
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie.
|
CWE-22
Path Traversal
|
CVE-2008-5642
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256532
|
- |
|
joomla
|
com_books
|
SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php.
|
CWE-89
SQL Injection
|
CVE-2008-5643
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256533
|
- |
|
alstrasoft
|
article_manager_pro
|
SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5649
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256534
|
- |
|
alstrasoft
|
webhost_directory
|
SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote attackers to execute arbitrary SQL commands via the pwd parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5650
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256535
|
- |
|
myiosoft
|
easybookmarker
|
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable throu…
|
CWE-89
SQL Injection
|
CVE-2008-5652
|
2017-09-29 10:32 |
2008-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256536
|
- |
|
kusaba
|
kusaba
|
Multiple unrestricted file upload vulnerabilities in Kusaba 1.0.4 and earlier allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) loa…
|
CWE-20
Improper Input Validation
|
CVE-2008-5663
|
2017-09-29 10:32 |
2008-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256537
|
- |
|
xoops
|
xoops
|
SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5665
|
2017-09-29 10:32 |
2008-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256538
|
- |
|
wftpserver
|
winftp_ftp_server
|
WinFTP FTP Server 2.3.0, when passive (aka PASV) mode is used, allows remote authenticated users to cause a denial of service via a sequence of FTP sessions that include an invalid "NLST -1" command.
|
CWE-399
Resource Management Errors
|
CVE-2008-5666
|
2017-09-29 10:32 |
2008-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256539
|
- |
|
virusblokada
|
vba32_personal_antivirus
|
The scanning engine in VirusBlokAda VBA32 Personal Antivirus 3.12.8.x allows remote attackers to cause a denial of service (memory corruption and application crash) via a malformed RAR archive.
|
CWE-399
Resource Management Errors
|
CVE-2008-5667
|
2017-09-29 10:32 |
2008-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256540
|
- |
|
kwalbum
|
kwalbum
|
Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary c…
|
CWE-20
Improper Input Validation
|
CVE-2008-5677
|
2017-09-29 10:32 |
2008-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
