256641
|
- |
|
redhat
|
enterprise_linux enterprise_linux_desktop
|
tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier f…
|
NVD-CWE-Other
|
CVE-2008-4315
|
2017-09-29 10:32 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256642
|
- |
|
project-observer
|
observer
|
Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
|
CWE-20
Improper Input Validation
|
CVE-2008-4318
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256643
|
- |
|
libra_file_manager
|
php_filemanager
|
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrar…
|
CWE-287
Improper Authentication
|
CVE-2008-4319
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256644
|
- |
|
flashget
|
flashget_ftp
|
Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4321
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256645
|
- |
|
microsoft
|
windows_xp
|
Windows Explorer in Microsoft Windows XP SP3 allows user-assisted attackers to cause a denial of service (application crash) via a crafted .ZIP file.
|
NVD-CWE-noinfo
|
CVE-2008-4323
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256646
|
- |
|
openengine
|
openengine
|
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter.
|
CWE-20
Improper Input Validation
|
CVE-2008-4329
|
2017-09-29 10:32 |
2008-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256647
|
- |
|
lansuite
|
lansuite
|
Directory traversal vulnerability in index.php in LanSuite 3.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the design parameter.
|
CWE-22
Path Traversal
|
CVE-2008-4330
|
2017-09-29 10:32 |
2008-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256648
|
- |
|
phpocs
|
phpocs
|
Directory traversal vulnerability in library/pagefunctions.inc.php in phpOCS 0.1 beta3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act p…
|
CWE-22
Path Traversal
|
CVE-2008-4331
|
2017-09-29 10:32 |
2008-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256649
|
- |
|
cannot
|
php_infoboard
|
SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php.
|
CWE-89
SQL Injection
|
CVE-2008-4332
|
2017-09-29 10:32 |
2008-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256650
|
- |
|
cannot
|
php_infoboard
|
Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus allows remote attackers to inject arbitrary web script or HTML via the isname parameter in a newtopic action.
|
CWE-79
Cross-site Scripting
|
CVE-2008-4333
|
2017-09-29 10:32 |
2008-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|