|
257731
|
- |
|
iscripts
|
socialware
|
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.
|
CWE-310
Cryptographic Issues
|
CVE-2008-1772
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257732
|
- |
|
dragoon
|
dragoon
|
PHP remote file inclusion vulnerability in includes/header.inc.php in Dragoon 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
|
CWE-94
Code Injection
|
CVE-2008-1773
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257733
|
- |
|
pligg
|
pligg_cms
|
SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1774
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257734
|
- |
|
phpblock
|
phpblock
|
PHP remote file inclusion vulnerability in modules/basicfog/basicfogfactory.class.php in PhpBlock A8.4 allows remote attackers to execute arbitrary PHP code via a URL in the PATH_TO_CODE parameter.
|
CWE-94
Code Injection
|
CVE-2008-1776
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257735
|
- |
|
sun
|
solaris
|
Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.
|
CWE-399
Resource Management Errors
|
CVE-2008-1779
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257736
|
- |
|
advanced_software_engineering
|
chartdirector
|
phpdemo/viewsource.php in Advanced Software Engineering ChartDirector 4.1 allows remote attackers to read sensitive files via the file parameter.
|
CWE-200
Information Exposure
|
CVE-2008-1782
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257737
|
- |
|
prozilla
|
reviews
|
Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1783
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257738
|
- |
|
prozilla
|
topsites
|
Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1784
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257739
|
- |
|
prozilla
|
top_100
|
delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accounts of arbitrary users via a modified s parameter.
|
CWE-20
Improper Input Validation
|
CVE-2008-1785
|
2017-09-29 10:30 |
2008-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257740
|
- |
|
prozilla
|
forum
|
SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1789
|
2017-09-29 10:30 |
2008-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
