|
263591
|
- |
|
drupal
|
drupal
node_hierarchy_module
|
The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2771
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263592
|
- |
|
drupal
|
magic_tabs_module
|
The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."
|
CWE-94
Code Injection
|
CVE-2008-2772
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263593
|
- |
|
drupal
|
taxonomy_image_module
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Image module 5.x before 5.x-1.3 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2773
|
2017-08-8 10:31 |
2008-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263594
|
- |
|
dt_centrepiece
|
dt_centrepiece
|
SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to execute arbitrary SQL commands via the searchFor parameter. NOTE: the provenance of this information is unk…
|
CWE-89
SQL Injection
|
CVE-2008-2775
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263595
|
- |
|
dt_centrepiece
|
dt_centrepiece
|
Cross-site scripting (XSS) vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to inject arbitrary web script or HTML via the searchFor parameter. NOTE: the provenance of this …
|
CWE-79
Cross-site Scripting
|
CVE-2008-2776
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263596
|
- |
|
luca_corbo
|
ortro
|
Cross-site scripting (XSS) vulnerability in Ortro before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2777
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263597
|
- |
|
globalscape
|
cuteftp
|
Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..…
|
CWE-22
Path Traversal
|
CVE-2008-2779
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263598
|
- |
|
albinoloverats
|
anubis_plugin
|
The Anubis (aka Anubis+Ripe160) plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encryp…
|
CWE-310
Cryptographic Issues
|
CVE-2008-2780
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263599
|
- |
|
horde
|
groupware
groupware_webmail_edition
kronolith
|
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote attackers to inject arbitrary web script or HTML via the timestamp parame…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2783
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263600
|
- |
|
spamdyke
|
spamdyke
|
The smtp_filter function in spamdyke before 3.1.8 does not filter RCPT commands after encountering the first DATA command, which allows remote attackers to use the server as an open mail relay by sen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2784
|
2017-08-8 10:31 |
2008-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
