|
257241
|
- |
|
articlefriendly
|
article_friendly
|
SQL injection vulnerability in categorydetail.php in Article Friendly Standard allows remote attackers to execute arbitrary SQL commands via the Cat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3649
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257242
|
- |
|
articlefriendly
|
article_friendly
|
Regarding Access Complexity:
http://secunia.com/advisories/31292:
"Input passed to the "autid" parameter in authordetail.php and to the "Cat" parameter in categorydetail.php is not properly san…
|
CWE-89
SQL Injection
|
CVE-2008-3649
|
2017-09-29 10:31 |
2008-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257243
|
- |
|
zeescripts
|
zeereviews
|
SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) allows remote attackers to execute arbitrary SQL commands via the…
|
CWE-89
SQL Injection
|
CVE-2008-3669
|
2017-09-29 10:31 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257244
|
- |
|
articlefriendly
|
article_friendly
|
SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3670
|
2017-09-29 10:31 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257245
|
- |
|
pozscripts
|
classified_ads
|
SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672.
|
CWE-89
SQL Injection
|
CVE-2008-3673
|
2017-09-29 10:31 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257246
|
- |
|
pozscripts
|
tubeguru_video_sharing_script
|
SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote attackers to execute arbitrary SQL commands via the UID parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3674
|
2017-09-29 10:31 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257247
|
- |
|
gelatocms
|
gelatocms
|
Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via (1) a .. (dot dot) and possibly (2) a full pathname in the img parameter. …
|
CWE-22
Path Traversal
|
CVE-2008-3675
|
2017-09-29 10:31 |
2008-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257248
|
- |
|
joomla
|
com_user
|
components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does not properly validate reset tokens, which allows remote attackers to reset the "first enabled user (lowest id)" password, typica…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3681
|
2017-09-29 10:31 |
2008-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257249
|
- |
|
jcomsoft
speedbit
|
anigif
download_accelerator_plus
|
Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3702
|
2017-09-29 10:31 |
2008-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257250
|
- |
|
zeeways
|
zeejobsite
|
SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3706
|
2017-09-29 10:31 |
2008-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
