|
256701
|
- |
|
minbank
|
micronation_banking_system
|
Multiple PHP remote file inclusion vulnerabilities in Micronation Banking System (minba) 1.5.0 allow remote attackers to execute arbitrary PHP code via a URL in the minsoft_path parameter to (1) utdb…
|
CWE-94
Code Injection
|
CVE-2008-6006
|
2017-09-29 10:32 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256702
|
- |
|
quidascript
|
bookmarks_favourites_script
|
SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6007
|
2017-09-29 10:32 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256703
|
- |
|
sg_real_estate_portal
|
sg_real_estate_portal
|
SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the Auth cookie to 1.
|
CWE-287
Improper Authentication
|
CVE-2008-6009
|
2017-09-29 10:32 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256704
|
- |
|
sg_real_estate_portal
|
sg_real_estate_portal
|
Multiple directory traversal vulnerabilities in SG Real Estate Portal 2.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod, (2) page, or (3) lang parameter to index.ph…
|
CWE-22
Path Traversal
|
CVE-2008-6010
|
2017-09-29 10:32 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256705
|
- |
|
sg_real_estate_portal
|
sg_real_estate_portal
|
SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6011
|
2017-09-29 10:32 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256706
|
- |
|
rianxosencabos_cms
|
rianxosencabos_cms
|
SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6014
|
2017-09-29 10:32 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256707
|
- |
|
i-rater
|
i-rater_basic
|
SQL injection vulnerability in messages.php in I-Rater Basic allows remote attackers to execute arbitrary SQL commands via the idp parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6017
|
2017-09-29 10:32 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256708
|
- |
|
myphpsite
|
myphpsite
|
Directory traversal vulnerability in index.php in MyPHPSite, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.
|
CWE-22
Path Traversal
|
CVE-2008-6018
|
2017-09-29 10:32 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256709
|
- |
|
xnova
|
xnova
|
PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in an older version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the ugamela…
|
CWE-94
Code Injection
|
CVE-2008-6022
|
2017-09-29 10:32 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256710
|
- |
|
xnova
|
xnova
|
PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the xnova_ro…
|
CWE-94
Code Injection
|
CVE-2008-6023
|
2017-09-29 10:32 |
2009-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
