|
261541
|
- |
|
sourceforge
|
emule_x-ray
|
Buffer overflow in Uploadlist in eMule X-Ray before 1.4 has unknown impact and remote attack vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2503
|
2017-08-8 10:31 |
2008-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261542
|
- |
|
tr_script_news
|
tr_script_news
|
Cross-site scripting (XSS) vulnerability in news.php in Tr Script News 2.1 allows remote attackers to inject arbitrary web script or HTML via the "nb" parameter in voir mode.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2508
|
2017-08-8 10:31 |
2008-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261543
|
- |
|
symantec
|
backupexec_system_recovery
|
Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2008-2512
|
2017-08-8 10:31 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261544
|
- |
|
libpam-pgsql
|
libpam-pgsql
|
pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not properly consider operator precedence when evaluating the success of a pam_get_pass function call, which allows local users to gain p…
|
CWE-287
Improper Authentication
|
CVE-2008-2516
|
2017-08-8 10:31 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261545
|
- |
|
sarab
|
sarab
|
The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process.
|
CWE-200
Information Exposure
|
CVE-2008-2517
|
2017-08-8 10:31 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261546
|
- |
|
sun
|
java_system_web_server
|
Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2518
|
2017-08-8 10:31 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261547
|
- |
|
core_ftp
|
core_ftp
|
Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a relate…
|
CWE-22
Path Traversal
|
CVE-2008-2519
|
2017-08-8 10:31 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261548
|
- |
|
raknet
|
autopatcher_server
|
SQL injection vulnerability in the Autopatcher server plugin in RakNet before 3.23 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-2523
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261549
|
- |
|
blogphp
|
blogphp
|
BlogPHP 2.0 allows remote attackers to bypass authentication, and post (1) messages or (2) comments as an arbitrary user, via a modified blogphp_username field in a cookie.
|
CWE-287
Improper Authentication
|
CVE-2008-2524
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261550
|
- |
|
typo3
|
rlmp_eventdb
|
Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2525
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
