|
261161
|
- |
|
microworld_technologies
|
mailscan
|
Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3726
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261162
|
- |
|
microworld_technologies
|
mailscan
|
Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to determi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3728
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261163
|
- |
|
microworld_technologies
|
mailscan
|
Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication and obtain administrative access via a direct request with (1) an IsAdmin…
|
CWE-287
Improper Authentication
|
CVE-2008-3729
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261164
|
- |
|
nordicwind
|
noah
nordicwind_document_management_system
|
Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3730
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261165
|
- |
|
phpizabi
|
phpizabi
|
Cross-site scripting (XSS) vulnerability in index.php in PHPizabi before 848 Core HotFix Pack 3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a blogs.searc…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3735
|
2017-08-8 10:32 |
2008-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261166
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the a…
|
CWE-352
Origin Validation Error
|
CVE-2008-3736
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261167
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete fi…
|
CWE-94
Code Injection
|
CVE-2008-3737
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261168
|
- |
|
spacetag
system_consultants
|
lacoodast
la_cooda_wiz
|
Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3739
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261169
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the output filter in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3740
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261170
|
- |
|
drupal
|
drupal
|
The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by a web browser, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks b…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3741
|
2017-08-8 10:32 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
