|
256811
|
- |
|
emophp
|
emo_realty_manager
|
SQL injection vulnerability in news.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the ida parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2265
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256812
|
- |
|
cms_made_simple
|
cms_made_simple
|
Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Made Simple 1.2.4 and earlier allows remote attackers to execute arbitrary code by uploading a file wi…
|
CWE-20
Improper Input Validation
|
CVE-2008-2267
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256813
|
- |
|
phpway
|
kostenloses_linkmanagementscript
|
Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenloses Linkmanagementscript allow remote attackers to execute arbitrary PHP code via a URL in the (1) main_page_directory and (2) pag…
|
CWE-94
Code Injection
|
CVE-2008-2270
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256814
|
- |
|
matisbt
|
mantis
|
Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.
|
CWE-352
Origin Validation Error
|
CVE-2008-2276
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256815
|
- |
|
cmsnx
|
feedback_and_rating_script
|
SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2277
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256816
|
- |
|
freelanceauction
|
freelance_auction_script
|
SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action.
|
CWE-89
SQL Injection
|
CVE-2008-2278
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256817
|
- |
|
freelance_auction
|
freelance_auction_script
|
Freelance Auction Script 1.0 stores user passwords in plaintext in the tbl_users table, which allows attackers to gain privileges by reading the table.
|
CWE-255
Credentials Management
|
CVE-2008-2279
|
2017-09-29 10:31 |
2008-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256818
|
- |
|
thomas_voecking
|
internet_photoshow
|
admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote attackers to bypass authentication by setting the login_admin cookie to true.
|
CWE-287
Improper Authentication
|
CVE-2008-2282
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256819
|
- |
|
idautomation
|
aztec_barcode
datamatrix_barcode
linear_barcode
pdf417_barcode
|
IDAutomation allows remote attackers to overwrite arbitrary files via the argument to the (1) SaveBarCode and (2) SaveEnhWMF methods in (a) the IDAuto.BarCode.1 ActiveX control in IDAutomationLinear6…
|
CWE-20
Improper Input Validation
|
CVE-2008-2283
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256820
|
- |
|
net-snmp
|
net-snmp
|
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2292
|
2017-09-29 10:31 |
2008-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
