|
257091
|
- |
|
orbitscripts
|
smartppc
smartppc_pro
|
SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3152
|
2017-09-29 10:31 |
2008-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257092
|
- |
|
tritoncms
|
triton_cms_pro
|
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
|
CWE-89
SQL Injection
|
CVE-2008-3153
|
2017-09-29 10:31 |
2008-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257093
|
- |
|
webblizzard
|
content_management_system
|
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3154
|
2017-09-29 10:31 |
2008-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257094
|
- |
|
panda
|
panda_activescan
|
Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3155
|
2017-09-29 10:31 |
2008-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257095
|
- |
|
panda
|
panda_activescan
|
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Updat…
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3156
|
2017-09-29 10:31 |
2008-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257096
|
- |
|
fuzzylime
|
fuzzylime_cms
|
Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in th…
|
CWE-22
Path Traversal
|
CVE-2008-3164
|
2017-09-29 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257097
|
- |
|
fuzzylime
|
fuzzylime_cms
|
Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (do…
|
CWE-22
Path Traversal
|
CVE-2008-3165
|
2017-09-29 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257098
|
- |
|
boonex
|
ray
|
PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in t…
|
CWE-94
Code Injection
|
CVE-2008-3166
|
2017-09-29 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257099
|
- |
|
boonex
|
dolphin
|
Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dir[plugins] pa…
|
CWE-94
Code Injection
|
CVE-2008-3167
|
2017-09-29 10:31 |
2008-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257100
|
- |
|
webxell
|
webxell_editor
|
Unrestricted file upload vulnerability in upload_pictures.php in WebXell Editor 0.1.3 allows remote attackers to execute arbitrary code by uploading a .php file with a jpeg content type, then accessi…
|
CWE-20
Improper Input Validation
|
CVE-2008-3178
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
