|
256851
|
- |
|
wajox_software
|
mircrossys_cms
|
PHP remote file inclusion vulnerability in index.php in Wajox Software microSSys CMS 1.5 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL…
|
CWE-94
Code Injection
|
CVE-2008-2396
|
2017-09-29 10:31 |
2008-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256852
|
- |
|
fichive
|
fichive
|
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.c…
|
CWE-89
SQL Injection
|
CVE-2008-2416
|
2017-09-29 10:31 |
2008-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256853
|
- |
|
how2asp
|
webboard
|
SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2417
|
2017-09-29 10:31 |
2008-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256854
|
- |
|
sun
|
solaris
|
Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
|
CWE-362
Race Condition
|
CVE-2008-2418
|
2017-09-29 10:31 |
2008-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256855
|
- |
|
therealestatescript
|
the_real_estate_script
|
SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2443
|
2017-09-29 10:31 |
2008-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256856
|
- |
|
calogic
|
calogic_calendars
|
SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary SQL commands via the langsel parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2444
|
2017-09-29 10:31 |
2008-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256857
|
- |
|
wgcc
|
web_group_communication_center
|
Cross-site scripting (XSS) vulnerability in profile.php in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2008-2445
|
2017-09-29 10:31 |
2008-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256858
|
- |
|
wgcc
|
web_group_communication_center
|
Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) userid pa…
|
CWE-89
SQL Injection
|
CVE-2008-2446
|
2017-09-29 10:31 |
2008-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256859
|
- |
|
mytipper
|
zogo_shop
|
SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2447
|
2017-09-29 10:31 |
2008-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256860
|
- |
|
aspindir
|
meto_forum
|
Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) admin/duzenle.asp and (b) admin_oku.asp; the (2) kid …
|
CWE-89
SQL Injection
|
CVE-2008-2448
|
2017-09-29 10:31 |
2008-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
