|
256691
|
- |
|
jadu
|
jadu_cms_for_government
|
SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS for Government allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5988
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256692
|
- |
|
phpcounter
|
phpcounter
|
Directory traversal vulnerability in defs.php in PHPcounter 1.3.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot do…
|
CWE-22
Path Traversal
|
CVE-2008-5989
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256693
|
- |
|
eduforge
|
emergecolab
|
Directory traversal vulnerability in connect/init.inc in emergecolab 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sitecode parameter to connect/i…
|
CWE-22
Path Traversal
|
CVE-2008-5990
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256694
|
- |
|
mailwatch
|
mailwatch
|
Directory traversal vulnerability in docs.php in MailWatch for MailScanner 1.0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the doc paramet…
|
CWE-22
Path Traversal
|
CVE-2008-5991
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256695
|
- |
|
jetik
|
jetik_emlak_sistem_a
|
Multiple SQL injection vulnerabilities in Jetik Emlak Sistem A (ESA) 2.0 allow remote attackers to execute arbitrary SQL commands via the KayitNo parameter to (1) diger.php and (2) sayfalar.php.
|
CWE-89
SQL Injection
|
CVE-2008-5992
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256696
|
- |
|
barcodephp
|
barcodegen_1d
|
Directory traversal vulnerability in image.php in Barcode Generator 1D (barcodegen) 2.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the co…
|
CWE-22
Path Traversal
|
CVE-2008-5993
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256697
|
- |
|
adnforum
|
adnforum
|
index.php in ADN Forum 1.0b and earlier allows remote attackers to bypass authentication and gain sysop access via a fpusuario cookie composed of an initial sysop: string, an arbitrary password field…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6001
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256698
|
- |
|
web-cp
|
web-cp
|
Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when register_globals is enabled, allows remote attackers to read arbitrary files via a full pathname in the filelocation parame…
|
CWE-22
Path Traversal
|
CVE-2008-6002
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256699
|
- |
|
aj_square
|
aj_auction
|
SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6003
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256700
|
- |
|
aj_square
|
aj_auction
|
Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6004
|
2017-09-29 10:32 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
