|
257411
|
- |
|
phpecho_cms
|
phpecho_cms
|
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section …
|
CWE-89
SQL Injection
|
CVE-2008-0355
|
2017-09-29 10:30 |
2008-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257412
|
- |
|
galaxyscripts
|
mini_file_host
|
Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal se…
|
CWE-22
Path Traversal
|
CVE-2008-0357
|
2017-09-29 10:30 |
2008-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257413
|
- |
|
pixelpost
|
pixelpost
|
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-0358
|
2017-09-29 10:30 |
2008-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257414
|
- |
|
alilg
|
alitalk
|
Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via (1) the mohit parameter to (a) inc…
|
CWE-89
SQL Injection
|
CVE-2008-0371
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257415
|
- |
|
softpedia
|
small_axe_weblog
|
PHP remote file inclusion vulnerability in inc/linkbar.php in Small Axe Weblog 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the cfile parameter.
|
CWE-94
Code Injection
|
CVE-2008-0376
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257416
|
- |
|
digital_data_communications
|
rtspvapgdecoder.dll
|
Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll 1.1.0.29) allows remote attackers to execute arbitrary code via a long MP4Prefix property.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0380
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257417
|
- |
|
wordpress
|
wp_forum
|
SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the user parameter in a showprofile action to the default URI.
|
CWE-89
SQL Injection
|
CVE-2008-0388
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257418
|
- |
|
auracms
|
auracms
mod_block_statistik
|
stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.ph…
|
CWE-94
Code Injection
|
CVE-2008-0390
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257419
|
- |
|
alilg
|
alitalk
|
inc/elementz.php in aliTalk 1.9.1.1 does not properly verify authentication, which allows remote attackers to add an arbitrary user account via a modified lilil parameter, in conjunction with the ubi…
|
CWE-287
Improper Authentication
|
CVE-2008-0391
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257420
|
- |
|
microsoft
|
visual_basic
|
Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted remote attackers to execute arbitrary code via a .dsr file with a long (1) ConnectionName or (2) Com…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0392
|
2017-09-29 10:30 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
