|
262321
|
- |
|
redgalaxy
|
download_center
|
Multiple cross-site scripting (XSS) vulnerabilities in the default URI in Chris LaPointe RedGalaxy Download Center 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) file p…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7134
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262322
|
- |
|
icq
|
icq_toolbar
|
toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the IsChecked method, a different vector than CVE-2008-7136.
|
CWE-20
Improper Input Validation
|
CVE-2008-7135
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262323
|
- |
|
alexguestbook
|
\@lex_guestbook
|
Multiple cross-site scripting (XSS) vulnerabilities in @lex Guestbook 4.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) language_setup parameter to setup.php…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7140
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262324
|
- |
|
alexphpteam
|
\@lex_poll
|
Cross-site scripting (XSS) vulnerability in setup.php in @lex Poll 2.1 allows remote attackers to inject arbitrary web script or HTML via the language_setup parameter. NOTE: the provenance of this i…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7141
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262325
|
- |
|
rarlab
|
winrar
|
Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (…
|
NVD-CWE-noinfo
|
CVE-2008-7144
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262326
|
- |
|
ber_kessels
|
refine_by_taxo
|
Cross-site scripting (XSS) vulnerability in Refine by Taxonomy 5.x before 5.x-0.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a taxonomy term, which is no…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7150
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262327
|
- |
|
gurpartap_singh
|
live
|
Cross-site request forgery (CSRF) vulnerability in Live 5.x before 5.x-0.1, a module for Drupal, allows remote attackers to hijack the authentication of unspecified privileged users for requests that…
|
CWE-352
Origin Validation Error
|
CVE-2008-7151
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262328
|
- |
|
simon_rycroft
|
sid
|
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir parame…
|
CWE-94
Code Injection
|
CVE-2008-7152
|
2017-08-17 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262329
|
- |
|
phprisk
|
netrisk
|
NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote attackers to change the password of arbitrary users via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7155
|
2017-08-17 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262330
|
- |
|
numarasoftware
|
footprints
|
Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) transcriptFile parameter to MRcgi/MRchat.pl or (2) …
|
CWE-78
OS Command
|
CVE-2008-7158
|
2017-08-17 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
