|
261091
|
- |
|
preprojects.com
|
pre_courier_and_cargo_business
|
PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6054
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261092
|
- |
|
webkit
|
webkit
|
xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6059
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261093
|
- |
|
meet\#web
|
meet\#web
|
Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) modules.php, (2) ManagerResource.cl…
|
CWE-94
Code Injection
|
CVE-2008-6066
|
2017-08-8 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261094
|
- |
|
graphicsmagick
|
graphicsmagick
|
Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arb…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6070
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261095
|
- |
|
graphicsmagick
|
graphicsmagick
|
Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possib…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-6071
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261096
|
- |
|
magic2003
|
storagecrypt
|
StorageCrypt 2.0.1 does not properly encrypt disks, which allows local users to obtain sensitive information via unspecified vectors. NOTE: the provenance of this information is unknown; the details…
|
CWE-310
Cryptographic Issues
|
CVE-2008-6073
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261097
|
- |
|
enlightenment
|
imlib2
|
imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap an…
|
NVD-CWE-noinfo
|
CVE-2008-6079
|
2017-08-8 10:33 |
2009-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261098
|
- |
|
f-secure
|
f-secure_anti-virus
f-secure_anti-virus_for_citrix_servers
f-secure_anti-virus_for_microsoft_exchange
f-secure_anti-virus_for_mimesweeper
f-secure_anti-virus_for_windows_servers
f-secu…
|
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives,…
|
CWE-189
Numeric Errors
|
CVE-2008-6085
|
2017-08-8 10:33 |
2009-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261099
|
- |
|
celoxis
|
celoxis
|
Cross-site scripting (XSS) vulnerability in user.do in Celoxis Technologies Celoxis allows remote attackers to inject arbitrary web script or HTML via the ni.smessage parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6094
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261100
|
- |
|
opennms
|
opennms
|
Cross-site scripting (XSS) vulnerability in surveillanceView.htm in OpenNMS 1.5.94 allows remote attackers to inject arbitrary web script or HTML via the viewName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6095
|
2017-08-8 10:33 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
