|
256611
|
- |
|
customcms
|
gaming_portal
|
SQL injection vulnerability in print.php in CustomCms (CCMS) Gaming Portal 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4156
|
2017-09-29 10:32 |
2008-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256612
|
- |
|
vastal
|
phpvid
|
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it…
|
CWE-89
SQL Injection
|
CVE-2008-4157
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256613
|
- |
|
zanfi_solutions
|
zanfi_cms_lite
|
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) flag and (2) inc para…
|
CWE-22
Path Traversal
|
CVE-2008-4158
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256614
|
- |
|
zanfi_solutions
|
jaw_portal
zanfi_cms_lite
|
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4159
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256615
|
- |
|
sun
|
opensolaris
solaris
|
Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors…
|
CWE-399
Resource Management Errors
|
CVE-2008-4160
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256616
|
- |
|
assetman
|
assetman
|
SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and or…
|
CWE-89
SQL Injection
|
CVE-2008-4161
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256617
|
- |
|
memht
|
memht_portal
|
cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2008-4164
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256618
|
- |
|
ezphotogallery
|
ezphotogallery
|
useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account.
|
CWE-287
Improper Authentication
|
CVE-2008-4167
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256619
|
- |
|
iscripts
|
easyindex
|
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4169
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256620
|
- |
|
proarcadescript
|
proarcadescript
|
SQL injection vulnerability in ProArcadeScript 1.3 allows remote attackers to execute arbitrary SQL commands via the random parameter to the default URI.
|
CWE-89
SQL Injection
|
CVE-2008-4173
|
2017-09-29 10:32 |
2008-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
