|
260521
|
- |
|
sina
|
dloader
|
Insecure method vulnerability in Sina Inc. DLoader Class ActiveX Control allows remote attackers to overwrite arbitrary files via a URL in the first parameter to the DonwloadAndInstall method. NOTE:…
|
NVD-CWE-Other
|
CVE-2008-6442
|
2017-08-17 10:29 |
2009-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260522
|
- |
|
phpkf
|
phpkf
|
SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6443
|
2017-08-17 10:29 |
2009-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260523
|
- |
|
yourplace
|
yourplace
|
Unspecified vulnerability in YourPlace before 1.0.1 has unknown impact and attack vectors, possibly related to improper authentication and the ability to upload arbitrary PHP code. NOTE: some of the…
|
CWE-287
Improper Authentication
|
CVE-2008-6445
|
2017-08-17 10:29 |
2009-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260524
|
- |
|
skyarc
|
mtcms_wysiwyg_editor
|
Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6448
|
2017-08-17 10:29 |
2009-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260525
|
- |
|
centurysys
|
xr-1100
xr-410
xr-410-l2
xr-440
xr-510
xr-540
xr-640
xr-640-l2
xr-730
|
Cross-site request forgery (CSRF) vulnerability in multiple Century Systems routers including XR-410 before 1.6.9, XR-510 before 3.5.3, XR-440 before 1.7.8, and other XR series routers from XR-510 to…
|
CWE-352
Origin Validation Error
|
CVE-2008-6449
|
2017-08-17 10:29 |
2009-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260526
|
- |
|
under_construction_baby
|
pc2m
|
Cross-site scripting (XSS) vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6450
|
2017-08-17 10:29 |
2009-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260527
|
- |
|
edikon
|
phpshop
|
Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote attackers to hijack web sessions via unspecified vectors. NOTE: the provenance of this information is unknown; the details are ob…
|
CWE-287
Improper Authentication
|
CVE-2008-6455
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260528
|
- |
|
martin_helmich
|
hbook
|
SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-6456
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260529
|
- |
|
walnutstreet
|
cgswigmore
|
SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-6457
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260530
|
- |
|
dieter_mayer
|
fe_address_edit
|
SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspec…
|
CWE-89
SQL Injection
|
CVE-2008-6458
|
2017-08-17 10:29 |
2009-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
