|
260691
|
- |
|
e-xoops
bcoos
|
e-xoops
devtracker
bcoos
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7036
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260692
|
- |
|
itn
|
itn_news_gadget
|
The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for Windows Vista, and possibly other versions before 1.23, allows remote web servers or man-in-the-middle attackers to execute arbitra…
|
CWE-20
Improper Input Validation
|
CVE-2008-7037
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260693
|
- |
|
gelatocms
|
gelatocms
|
Cross-site scripting (XSS) vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7039
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260694
|
- |
|
yellowswordfish
|
simple_forum
|
SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. NOTE: this…
|
CWE-89
SQL Injection
|
CVE-2008-7040
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260695
|
- |
|
natterchat
|
natterchat
|
Multiple cross-site scripting (XSS) vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the (1) txtUsername parameter to registerDo.asp, as invoked fr…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7048
|
2017-08-17 10:29 |
2009-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260696
|
- |
|
raidsonic
|
icy_box_nas
|
userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allows remote attackers to bypass authentication and gain administrator privileges by setting the login parameter to admin. NOTE: the…
|
CWE-287
Improper Authentication
|
CVE-2008-7081
|
2017-08-17 10:29 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260697
|
- |
|
unica
|
affinium_campaign
|
Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) Page…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7092
|
2017-08-17 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260698
|
- |
|
unica
|
affinium_campaign
|
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new…
|
CWE-22
Path Traversal
|
CVE-2008-7093
|
2017-08-17 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260699
|
- |
|
unica
|
affinium_campaign
|
Campaign/CampaignListener in the listener server in Unica Affinium Campaign 7.2.1.0.55 allows remote attackers to cause a denial of service (server crash) via a crafted length field that triggers (1)…
|
CWE-399
Resource Management Errors
|
CVE-2008-7094
|
2017-08-17 10:29 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260700
|
- |
|
intel
|
bios
|
Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain addi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7096
|
2017-08-17 10:29 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
