|
257231
|
- |
|
21degrees
|
symphony
|
Unrestricted file upload vulnerability in the File Manager in the admin panel in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary code by uploading a file wi…
|
CWE-94
Code Injection
|
CVE-2008-3592
|
2017-09-29 10:31 |
2008-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257232
|
- |
|
21degrees
|
symphony
|
Successful exploitation of this vulnerability requires valid administrator credentials. See CVE-2008-3591 for more information.
|
CWE-94
Code Injection
|
CVE-2008-3592
|
2017-09-29 10:31 |
2008-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257233
|
- |
|
syzygycms
|
syzygycms
|
Directory traversal vulnerability in index.php in SyzygyCMS 0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
|
CWE-22
Path Traversal
|
CVE-2008-3593
|
2017-09-29 10:31 |
2008-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257234
|
- |
|
magicscripts
|
e-store_kit-1
e-store_kit-2
|
SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition allows remote attackers to execute arbi…
|
CWE-89
SQL Injection
|
CVE-2008-3594
|
2017-09-29 10:31 |
2008-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257235
|
- |
|
txtsql
|
txtsql
|
PHP remote file inclusion vulnerability in examples/txtSQLAdmin/startup.php in txtSQL 2.2 Final allows remote attackers to execute arbitrary PHP code via a URL in the CFG[txtsql][class] parameter.
|
CWE-94
Code Injection
|
CVE-2008-3595
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257236
|
- |
|
psi-labs
|
psipuss
|
Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the Cid parameter to categories.php or (2) the Username parameter to login.php.
|
CWE-89
SQL Injection
|
CVE-2008-3598
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257237
|
- |
|
openimpro
|
openimpro
|
SQL injection vulnerability in image.php in OpenImpro 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3599
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257238
|
- |
|
quicksilver_forums
|
quicksilver_forums
|
SQL injection vulnerability in index.php in Quicksilver Forums 1.4.1 allows remote attackers to execute arbitrary SQL commands via the forums array parameter in a search action.
|
CWE-89
SQL Injection
|
CVE-2008-3601
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257239
|
- |
|
psychdaily
|
php_ring_webring_system
|
admin/wr_admin.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9.1 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3602
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257240
|
- |
|
vacation_rentals
|
vacation_rental_script
|
SQL injection vulnerability in index.php in Vacation Rental Script 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sections action.
|
CWE-89
SQL Injection
|
CVE-2008-3603
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
