|
262141
|
- |
|
sun
|
java_system_identity_manager
|
Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "…
|
NVD-CWE-Other
|
CVE-2008-5118
|
2017-08-8 10:33 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262142
|
- |
|
scripts4profit
|
dxshopcart
|
Cross-site scripting (XSS) vulnerability in search.php in Scripts4Profit DXShopCart 4.30mc allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-5119
|
2017-08-8 10:33 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262143
|
- |
|
ektron
|
cms4000.net
|
SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter.
|
CWE-89
SQL Injection
|
CVE-2008-5122
|
2017-08-8 10:33 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262144
|
- |
|
boutikone
|
boutikone_cms
|
Cross-site scripting (XSS) vulnerability in search.php in BoutikOne CMS allows remote attackers to inject arbitrary web script or HTML via the search_query parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-5126
|
2017-08-8 10:33 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262145
|
- |
|
ocean12_technologies
|
membership_manager_pro
|
Ocean12 Membership Manager Pro stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5128
|
2017-08-8 10:33 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262146
|
- |
|
ocean12_technologies
|
poll_manager
|
Ocean12 Poll Manager Pro 1.00 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5129
|
2017-08-8 10:33 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262147
|
- |
|
ocean12_technologies
|
calendar_manager
|
Ocean12 Calendar Manager Gold 2.04 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5130
|
2017-08-8 10:33 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262148
|
- |
|
sun
|
opensolaris
solaris
|
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5133
|
2017-08-8 10:33 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262149
|
- |
|
bkleineidam
|
libpam_mount
|
passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd.##### temporary file.
|
CWE-59
Link Following
|
CVE-2008-5138
|
2017-08-8 10:33 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262150
|
- |
|
debian
|
mailscanner
|
trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip t…
|
CWE-59
Link Following
|
CVE-2008-5140
|
2017-08-8 10:33 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
