|
261511
|
- |
|
dotcms
|
dotcms
|
Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of th…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2397
|
2017-08-8 10:31 |
2008-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261512
|
- |
|
stunnel
|
stunnel
|
Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2400
|
2017-08-8 10:31 |
2008-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261513
|
- |
|
sun
|
java_active_server
|
The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or existing files via the first argument to a certain file that is includ…
|
CWE-20
Improper Input Validation
|
CVE-2008-2401
|
2017-08-8 10:31 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261514
|
- |
|
sun
|
java_asp_server
|
The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read pass…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2402
|
2017-08-8 10:31 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261515
|
- |
|
sun
|
java_asp_server
|
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .…
|
CWE-22
Path Traversal
|
CVE-2008-2403
|
2017-08-8 10:31 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261516
|
- |
|
sun
|
java_asp_server
|
Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified strin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2404
|
2017-08-8 10:31 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261517
|
- |
|
sun
|
java_active_server_pages
|
Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications.
|
CWE-20
Improper Input Validation
|
CVE-2008-2405
|
2017-08-8 10:31 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261518
|
- |
|
sun
|
java_asp_server
|
The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.
|
CWE-287
Improper Authentication
|
CVE-2008-2406
|
2017-08-8 10:31 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261519
|
- |
|
ceruleanstudios
|
trillian_pro
|
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2408
|
2017-08-8 10:31 |
2008-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261520
|
- |
|
cerulean_studios
|
trillian
|
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2409
|
2017-08-8 10:31 |
2008-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
