|
261481
|
- |
|
netpbm
|
netpbm
|
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that trigg…
|
CWE-189
Numeric Errors
|
CVE-2008-4799
|
2017-08-8 10:32 |
2008-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261482
|
- |
|
simple_php_scripts
|
blog
|
Cross-site scripting (XSS) vulnerability in complete.php in Simple PHP Scripts blog 0.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4802
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261483
|
- |
|
simple_php_scripts
|
gallery
|
Cross-site scripting (XSS) vulnerability in index.php in Simple PHP Scripts gallery 0.1, 0.3, and 0.4 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. NOTE: …
|
CWE-79
Cross-site Scripting
|
CVE-2008-4803
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261484
|
- |
|
ibm
|
lotus_connections
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the community title, (2) API input,…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4805
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261485
|
- |
|
ibm
|
lotus_connections
|
Multiple SQL injection vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via the sortField parameter to unspecified components. NOTE:…
|
CWE-89
SQL Injection
|
CVE-2008-4806
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261486
|
- |
|
ibm
|
lotus_connections
|
IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the…
|
CWE-255
Credentials Management
|
CVE-2008-4807
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261487
|
- |
|
ibm
|
lotus_connections
|
IBM Lotus Connections 2.x before 2.0.1 allows attackers to discover passwords via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third…
|
CWE-200
Information Exposure
|
CVE-2008-4808
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261488
|
- |
|
ibm
|
lotus_connections
|
Multiple unspecified vulnerabilities in the Profiles search pages in IBM Lotus Connections 2.x before 2.0.1 have unknown impact and attack vectors related to "Active" content. NOTE: the provenance o…
|
NVD-CWE-noinfo
|
CVE-2008-4809
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261489
|
- |
|
smarty
|
smarty
|
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dolla…
|
CWE-94
Code Injection
|
CVE-2008-4810
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261490
|
- |
|
smarty
|
smarty
|
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ (b…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4811
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
