|
256551
|
- |
|
kde
|
konqueror
|
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOL…
|
CWE-20
Improper Input Validation
|
CVE-2008-5712
|
2017-09-29 10:32 |
2008-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256552
|
- |
|
sawstudio
|
sawstudio
|
Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT va…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5722
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256553
|
- |
|
entechtaiwan
|
powerstrip
|
The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \De…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5725
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256554
|
- |
|
stormboards_aaronnemisis
|
stormboards
|
SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5726
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256555
|
- |
|
netcat
|
netcat
|
SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the…
|
CWE-89
SQL Injection
|
CVE-2008-5727
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256556
|
- |
|
netcat
|
netcat
|
Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrar…
|
CWE-22
Path Traversal
|
CVE-2008-5728
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256557
|
- |
|
netcat
|
netcat
|
Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) form and (2) control parameters to FCKedi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5729
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256558
|
- |
|
netcat
|
netcat
|
Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to have an unknown impact via unspecified vectors involving (1) a %0a sequence in a cookie and (2) the a…
|
CWE-20
Improper Input Validation
|
CVE-2008-5730
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256559
|
- |
|
kafooeyblog
|
kafooeyblog
|
Unrestricted file upload vulnerability in lib/image_upload.php in KafooeyBlog 1.55b allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing …
|
CWE-20
Improper Input Validation
|
CVE-2008-5732
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256560
|
- |
|
nodstrum
|
mysql_calendar
|
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5737
|
2017-09-29 10:32 |
2008-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
