|
256551
|
- |
|
memcode
|
i.scribe
|
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2008-7074
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256552
|
- |
|
kalptaru_infotech
|
stararticles
|
Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the a…
|
CWE-89
SQL Injection
|
CVE-2008-7075
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256553
|
- |
|
kalptaru_infotech
|
stararticles
|
Unrestricted file upload vulnerability in user.modify.profile.php in Kalptaru Infotech Ltd. Star Articles 6.0 allows remote authenticated users to execute arbitrary code by uploading a file with an e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7076
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256554
|
- |
|
relative
|
sailplanner
|
Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
|
CWE-89
SQL Injection
|
CVE-2008-7077
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256555
|
- |
|
nero
|
showtime
|
Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a .M3U playlist file. NOTE: this issue …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-7079
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256556
|
- |
|
phpclassifiedsscript
|
php_classifieds_script
|
Team PHP PHP Classifieds Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7080
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256557
|
- |
|
revou
|
micro_blogging_twitter_clone
|
Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter clone allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
|
CWE-89
SQL Injection
|
CVE-2008-7083
|
2017-09-29 10:33 |
2009-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256558
|
- |
|
thehockeystop
|
hockeystats_online
|
Multiple SQL injection vulnerabilities in TheHockeyStop HockeySTATS Online 2.0 Basic and Advanced allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in the viewpage act…
|
CWE-89
SQL Injection
|
CVE-2008-7085
|
2017-09-29 10:33 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256559
|
- |
|
maianscriptworld
|
maian_greetings
|
Maian Greetings 2.1 allows remote attackers to bypass authentication and gain administrative privileges by setting the mecard_admin_cookie cookie to admin.
|
CWE-287
Improper Authentication
|
CVE-2008-7086
|
2017-09-29 10:33 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256560
|
- |
|
photopost
|
photopost_vbgallery
|
Unrestricted file upload vulnerability in upload.php in PhotoPost vBGallery 2.4.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed…
|
CWE-20
Improper Input Validation
|
CVE-2008-7088
|
2017-09-29 10:33 |
2009-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
