|
257761
|
- |
|
pixel_motion
|
pixel_motion_blog
|
admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is…
|
CWE-94
Code Injection
|
CVE-2008-1866
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257762
|
- |
|
pixel_motion
|
pixel_motion_blog
|
SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion) allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include…
|
CWE-89
SQL Injection
|
CVE-2008-1867
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257763
|
- |
|
pixel_motion
|
pixel_motion_blog
|
admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql fi…
|
CWE-287
Improper Authentication
|
CVE-2008-1868
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257764
|
- |
|
site_sift_media
|
site_sift_listings
|
SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-speci…
|
CWE-89
SQL Injection
|
CVE-2008-1869
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257765
|
- |
|
geek247
|
pigmy-sql
|
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1870
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257766
|
- |
|
scriptsagent
|
links_directory
|
SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action.
|
CWE-89
SQL Injection
|
CVE-2008-1871
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257767
|
- |
|
comdev
|
comdev_news_publisher
|
SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obta…
|
CWE-89
SQL Injection
|
CVE-2008-1872
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257768
|
- |
|
xpoze
|
xpoze_pro
|
SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.05 and earlier allows remote authenticated users to execute arbitrary SQL commands via the reed parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1874
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257769
|
- |
|
terong
|
advanced_web_photo_gallery
|
SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1875
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257770
|
- |
|
snarky
|
visualpic
|
PHP remote file inclusion vulnerability in index.php in VisualPic 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the _CONFIG[files][functions_page] parameter.
|
CWE-94
Code Injection
|
CVE-2008-1876
|
2017-09-29 10:30 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
