|
262261
|
- |
|
xyssl
|
xyssl
|
The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7128
|
2017-08-17 10:29 |
2009-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262262
|
- |
|
xyssl
|
xyssl
|
XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification.
|
CWE-399
Resource Management Errors
|
CVE-2008-7129
|
2017-08-17 10:29 |
2009-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262263
|
- |
|
peter_kohlmann
|
db2_monitoring_console
|
Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to upload arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2008-7130
|
2017-08-17 10:29 |
2009-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262264
|
- |
|
peter_kohlmann
|
db2_monitoring_console
|
Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to gain access to a database via a link to a victim who is already connected to the database.
|
NVD-CWE-noinfo
|
CVE-2008-7131
|
2017-08-17 10:29 |
2009-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262265
|
- |
|
nuked-klan
|
nuked-klan
|
Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1.3 beta allows remote attackers to inject arbitrary web script or HTML via the nuked_nude parameter. NOTE: the provenance of this…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7132
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262266
|
- |
|
onlinetools
|
easyimagecatalogue
|
Multiple cross-site scripting (XSS) vulnerabilities in onlinetools.org EasyImageCatalogue 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) search and (2) d index.php pa…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7133
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262267
|
- |
|
redgalaxy
|
download_center
|
Multiple cross-site scripting (XSS) vulnerabilities in the default URI in Chris LaPointe RedGalaxy Download Center 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) file p…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7134
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262268
|
- |
|
icq
|
icq_toolbar
|
toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the IsChecked method, a different vector than CVE-2008-7136.
|
CWE-20
Improper Input Validation
|
CVE-2008-7135
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262269
|
- |
|
alexguestbook
|
\@lex_guestbook
|
Multiple cross-site scripting (XSS) vulnerabilities in @lex Guestbook 4.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) language_setup parameter to setup.php…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7140
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262270
|
- |
|
alexphpteam
|
\@lex_poll
|
Cross-site scripting (XSS) vulnerability in setup.php in @lex Poll 2.1 allows remote attackers to inject arbitrary web script or HTML via the language_setup parameter. NOTE: the provenance of this i…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7141
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
