|
263711
|
- |
|
webgui
|
plain_black_webgui
|
RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration System (CS) RSS feeds, which allows remote attackers to obtain sensitive information (CS data).
|
CWE-287
Improper Authentication
|
CVE-2008-3503
|
2017-08-8 10:31 |
2008-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263712
|
- |
|
mpfm
|
mask_php_file_manager
|
Unspecified vulnerability in mask PHP File Manager (mPFM) before 2.3 has unknown impact and remote attack vectors related to "manipulation of cookies."
|
CWE-287
Improper Authentication
|
CVE-2008-3504
|
2017-08-8 10:31 |
2008-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263713
|
- |
|
crafty_syntax_live_help
|
crafty_syntax_live_help
|
Cross-site scripting (XSS) vulnerability in livehelp_js.php in Crafty Syntax Live Help (CSLH) 2.14.6 allows remote attackers to inject arbitrary web script or HTML via the department parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-3510
|
2017-08-8 10:31 |
2008-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263714
|
- |
|
softbiz
|
image_gallery
|
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image Gallery (Photo Gallery) allow remote attackers to inject arbitrary web script or HTML via the (1) latest parameter to (a) index.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3511
|
2017-08-8 10:31 |
2008-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263715
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment …
|
CWE-16
Configuration
|
CVE-2008-3519
|
2017-08-8 10:31 |
2008-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263716
|
- |
|
redhat
jasper_project
|
enterprise_virtualization
jasper
|
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3522
|
2017-08-8 10:31 |
2008-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263717
|
- |
|
redhat
|
fedora
initscripts
|
rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /va…
|
CWE-59
Link Following
|
CVE-2008-3524
|
2017-08-8 10:31 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263718
|
- |
|
freebsd
|
freebsd
|
sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Me…
|
CWE-20
Improper Input Validation
|
CVE-2008-3530
|
2017-08-8 10:31 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263719
|
- |
|
freebsd
|
freebsd
|
Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount sy…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-3531
|
2017-08-8 10:31 |
2008-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263720
|
- |
|
hp
|
enterprise_discovery
|
Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the initial description of thi…
|
NVD-CWE-noinfo
|
CVE-2008-3538
|
2017-08-8 10:31 |
2008-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
