|
276121
|
- |
|
liferay
|
liferay_enterprise_portal
|
Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated…
|
CWE-352
Origin Validation Error
|
CVE-2008-0182
|
2008-09-6 06:34 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276122
|
- |
|
ngircd
|
ngircd
|
ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
|
NVD-CWE-Other
|
CVE-2008-0285
|
2008-09-6 06:34 |
2008-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276123
|
- |
|
pmachine
|
pmachine_pro
|
Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PREF_NAME[855] parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0334
|
2008-09-6 06:34 |
2008-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276124
|
- |
|
mahara
|
mahara
|
Unspecified vulnerability in Mahara before 0.9.1 has unknown impact and remote attack vectors, probably related to cross-site scripting (XSS) in uploaded files.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0381
|
2008-09-6 06:34 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276125
|
- |
|
bcoos
|
event_calendar
|
Cross-site scripting (XSS) vulnerability in modules/ecal/display.php in the Event Calendar in bcoos 1.0.10 allows remote attackers to inject arbitrary web script or HTML via the month parameter. NOT…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6365
|
2008-09-6 06:33 |
2007-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276126
|
- |
|
e-xoops
|
e-xoops
|
Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.p…
|
CWE-89
SQL Injection
|
CVE-2007-6380
|
2008-09-6 06:33 |
2007-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276127
|
- |
|
serendipity
|
serendipity
|
Cross-site request forgery (CSRF) vulnerability in the mycalendar plugin before 0.13 for Serendipity allows remote attackers to perform actions as blog administrators, which can be leveraged to condu…
|
CWE-352
Origin Validation Error
|
CVE-2007-6390
|
2008-09-6 06:33 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276128
|
- |
|
debian
|
debian_linux
|
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options.
|
CWE-94
Code Injection
|
CVE-2007-6415
|
2008-09-6 06:33 |
2008-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276129
|
- |
|
anon_proxy_server
|
anon_proxy_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6460
|
2008-09-6 06:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276130
|
- |
|
phprpg
|
phprpg
|
SQL injection vulnerability in index.php in phpRPG 0.8, when magic_qutoes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these d…
|
CWE-89
SQL Injection
|
CVE-2007-6469
|
2008-09-6 06:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
