|
260631
|
- |
|
peterselie
|
yourplace
|
internettoolbar/edit.php in YourPlace 1.0.2 and earlier does not end execution when an invalid username is detected, which allows remote attackers to bypass intended restrictions and edit toolbar set…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6774
|
2017-08-17 10:29 |
2009-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260632
|
- |
|
phpnuke
|
sarkilar_module
|
SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.
|
CWE-89
SQL Injection
|
CVE-2008-6779
|
2017-08-17 10:29 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260633
|
- |
|
ubuntu
|
linux
|
system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective password length…
|
CWE-310
Cryptographic Issues
|
CVE-2008-6792
|
2017-08-17 10:29 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260634
|
- |
|
tufat
|
flashchat
|
connection.php in FlashChat 5.0.8 allows remote attackers to bypass the role filter mechanism and gain administrative privileges by setting the s parameter to "7."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6799
|
2017-08-17 10:29 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260635
|
- |
|
vivvo
|
vivvo
|
Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before 4.0.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2008-6801
|
2017-08-17 10:29 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260636
|
- |
|
yigit_aybuga
|
dizi_portali
|
SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is un…
|
CWE-89
SQL Injection
|
CVE-2008-6803
|
2017-08-17 10:29 |
2009-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260637
|
- |
|
ibiblio
|
osprey
|
PHP remote file inclusion vulnerability in ListRecords.php in osprey 1.0a4.1 allows remote attackers to execute arbitrary PHP code via a URL in the xml_dir parameter. NOTE: the provenance of this in…
|
CWE-94
Code Injection
|
CVE-2008-6807
|
2017-08-17 10:29 |
2009-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260638
|
- |
|
mole-group
|
lastminute_script
|
Mole Group Lastminute Script 4.0 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unkn…
|
CWE-255
Credentials Management
|
CVE-2008-6817
|
2017-08-17 10:29 |
2009-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260639
|
- |
|
mole-group
|
real_estate_script
|
Mole Group Real Estate Script 1.1 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unk…
|
CWE-255
Credentials Management
|
CVE-2008-6818
|
2017-08-17 10:29 |
2009-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260640
|
- |
|
ibm
|
db2
|
Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 might allow attackers to execute arbitrary code or cause a denial of service (application crash) via uns…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6821
|
2017-08-17 10:29 |
2009-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
