261501
|
- |
|
logz
|
logz
|
Cross-site scripting (XSS) vulnerability in fichiers/add_url.php in Logz CMS 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the art parameter. NOTE: the provenance of this …
|
CWE-79
Cross-site Scripting
|
CVE-2008-4896
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261502
|
- |
|
planetluc
|
rateme
|
Cross-site scripting (XSS) vulnerability in planetluc RateMe 1.3.3 allows remote attackers to inject arbitrary web script or HTML via the rate parameter in a submit rate action.
|
CWE-79
Cross-site Scripting
|
CVE-2008-4898
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261503
|
- |
|
planetluc
|
rateme
|
Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe 1.3.3 allows remote attackers to perform unauthorized actions as other users via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2008-4899
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261504
|
- |
|
typosphere
|
typo
|
Cross-site scripting (XSS) vulnerability in the leave comment (feedback) feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) comment[author] (…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4903
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261505
|
- |
|
typosphere
|
typo
|
SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via …
|
CWE-89
SQL Injection
|
CVE-2008-4904
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261506
|
- |
|
dovecot
|
dovecot
|
The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email …
|
CWE-20
Improper Input Validation
|
CVE-2008-4907
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261507
|
- |
|
crossfire
|
crossfire
|
maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
CWE-59
Link Following
|
CVE-2008-4908
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261508
|
- |
|
compact_cms
|
compact_cms
|
Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and earlier allows remote attackers to perform unauthorized actions as legitimate users via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-4909
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261509
|
- |
|
chattaitaliano
|
istant-replay
|
PHP remote file inclusion vulnerability in read.php in Chattaitaliano Istant-Replay allows remote attackers to execute arbitrary PHP code via a URL in the data parameter.
|
CWE-94
Code Injection
|
CVE-2008-4911
|
2017-08-8 10:32 |
2008-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261510
|
- |
|
gforge
|
gforge
|
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
|
CWE-89
SQL Injection
|
CVE-2008-2381
|
2017-08-8 10:31 |
2009-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|