|
257101
|
- |
|
w2b
|
phpdatingclub
|
Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2008-3179
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257102
|
- |
|
cwh_underground
|
contentnow_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3180
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257103
|
- |
|
content_now
|
content_now
|
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessi…
|
CWE-20
Improper Input Validation
|
CVE-2008-3181
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257104
|
- |
|
speedbit
|
download_accelerator_plus
|
Stack-based buffer overflow in DAP.exe in Download Accelerator Plus (DAP) 7.0.1.3, 8.6.6.3, and other 8.x versions allows user-assisted remote attackers to execute arbitrary code via an M3U (.m3u) fi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3182
|
2017-09-29 10:31 |
2008-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257105
|
- |
|
1scripts
|
codedb
|
Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
|
CWE-22
Path Traversal
|
CVE-2008-3190
|
2017-09-29 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257106
|
- |
|
marcioforum
|
mforum
|
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Em…
|
CWE-89
SQL Injection
|
CVE-2008-3191
|
2017-09-29 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257107
|
- |
|
sclek
|
jsite
|
Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
|
CWE-22
Path Traversal
|
CVE-2008-3192
|
2017-09-29 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257108
|
- |
|
sclek
|
jsite
|
SQL injection vulnerability in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the page parameter to the default URI.
|
CWE-89
SQL Injection
|
CVE-2008-3193
|
2017-09-29 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257109
|
- |
|
pluck
|
pluck
|
Multiple directory traversal vulnerabilities in data/inc/themes/predefined_variables.php in pluck 4.5.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (…
|
CWE-22
Path Traversal
|
CVE-2008-3194
|
2017-09-29 10:31 |
2008-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257110
|
- |
|
twiki
|
twiki
|
Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string …
|
CWE-22
Path Traversal
|
CVE-2008-3195
|
2017-09-29 10:31 |
2008-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
