|
260671
|
- |
|
alt-n
|
mdaemon
worldclient
|
Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a …
|
NVD-CWE-noinfo
|
CVE-2008-6967
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260672
|
- |
|
pligg
|
pligg_cms
|
Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters.
|
CWE-89
SQL Injection
|
CVE-2008-6968
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260673
|
- |
|
pentasoft_corp.
|
avactis_shopping_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in checkout.php in Avactis Shopping Cart 1.8.0 and 1.8.1 allow remote attackers to inject arbitrary web script or HTML via the (1) step_id and (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2008-6969
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260674
|
- |
|
ubbcentral
|
ubb.threads
|
SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6970
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260675
|
- |
|
karen_stevenson
yves_chedemois
|
cck
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content Construction Kit (CCK) 5.x through 5.x-1.8 allow remote authenticated users with "administer content" permissions to inject arbit…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6972
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260676
|
- |
|
ibm
|
websphere_commerce
|
Multiple unspecified vulnerabilities in IBM WebSphere Commerce 6.0 before 6.0.0.7 have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2008-6973
|
2017-08-17 10:29 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260677
|
- |
|
parallels
|
plesk
|
Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, allows remote attackers to bypass authentication and send spam e-mail via a message with (1) a base64-encoded username that begins w…
|
CWE-287
Improper Authentication
|
CVE-2008-6984
|
2017-08-17 10:29 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260678
|
- |
|
ezonescripts
|
dating_website_script
|
Unrestricted file upload vulnerability in eZoneScripts Dating Website script allows remote attackers to execute arbitrary code via unknown vectors. NOTE: the provenance of this information is unknow…
|
NVD-CWE-Other
|
CVE-2008-6987
|
2017-08-17 10:29 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260679
|
- |
|
phpauction
|
phpauction
|
phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2008-6999
|
2017-08-17 10:29 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260680
|
- |
|
phpauction
|
phpauction
|
PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2…
|
CWE-94
Code Injection
|
CVE-2008-7000
|
2017-08-17 10:29 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
