|
256421
|
- |
|
newearthpt
|
imgupload
|
Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file wit…
|
NVD-CWE-Other
|
CVE-2008-6822
|
2017-09-29 10:33 |
2009-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256422
|
- |
|
trixbox
|
trixbox
|
Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the langChoice parame…
|
CWE-22
Path Traversal
|
CVE-2008-6825
|
2017-09-29 10:33 |
2009-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256423
|
- |
|
mhfmedia
|
ads_pro
|
dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter, as demonstrated using the (1) advert_top.htm or (2) advert_login.htm pa…
|
CWE-20
Improper Input Validation
|
CVE-2008-6826
|
2017-09-29 10:33 |
2009-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256424
|
- |
|
vicftps
|
vicftps
|
VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a "/\/" (forward slash, backward slash, forward slash). NOTE: this might be the same issu…
|
CWE-20
Improper Input Validation
|
CVE-2008-6829
|
2017-09-29 10:33 |
2009-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256425
|
- |
|
fuzzylime
|
fuzzylime_\(cms\)
|
Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for …
|
CWE-22
Path Traversal
|
CVE-2008-6833
|
2017-09-29 10:33 |
2009-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256426
|
- |
|
fuzzylime
|
fuzzylime_\(cms\)
|
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/co…
|
CWE-22
Path Traversal
|
CVE-2008-6834
|
2017-09-29 10:33 |
2009-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256427
|
- |
|
gmitc
|
com_dbquery
|
PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to e…
|
CWE-94
Code Injection
|
CVE-2008-6841
|
2017-09-29 10:33 |
2009-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256428
|
- |
|
pluck-cms
|
pluck
|
Directory traversal vulnerability in data/modules/blog/module_pages_site.php in Pluck 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the post paramet…
|
CWE-22
Path Traversal
|
CVE-2008-6842
|
2017-09-29 10:33 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256429
|
- |
|
ez
|
ez_publish
|
The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6844
|
2017-09-29 10:33 |
2009-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256430
|
- |
|
w2b
|
phpgreetcards
|
Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to inject arbitrary web script or HTML via the category parameter in a select action.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6848
|
2017-09-29 10:33 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
