|
256711
|
- |
|
microsoft
|
digital_image
|
Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the …
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2008-4493
|
2017-09-29 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256712
|
- |
|
torrenttrader
|
torrenttrader
|
SQL injection vulnerability in completed-advance.php in TorrentTrader Classic 1.08 and 1.04 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4494
|
2017-09-29 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256713
|
- |
|
select_development_solutions
|
php_auto_dealer
|
SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4495
|
2017-09-29 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256714
|
- |
|
select_development_solutions
|
php_realtor
|
SQL injection vulnerability in view_cat.php in PHP Realtor 1.5 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4496
|
2017-09-29 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256715
|
- |
|
built2go
|
real_estate_listings
|
SQL injection vulnerability in event_detail.php in Built2Go Real Estate Listings 1.5 allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4497
|
2017-09-29 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256716
|
- |
|
phpautos
|
phpautos
|
SQL injection vulnerability in searchresults.php in PHP Autos 2.9.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4498
|
2017-09-29 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256717
|
- |
|
datafeedfile
|
dff_framework_api
|
Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DFF) PHP Framework API allow remote attackers to execute arbitrary PHP code via a URL in the DFF_config[dir_include] parameter to (…
|
CWE-94
Code Injection
|
CVE-2008-4502
|
2017-09-29 10:32 |
2008-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256718
|
- |
|
foss_gallery
|
foss_gallery
|
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote attackers to execute arbitrary code by uploading a file with an executa…
|
CWE-20
Improper Input Validation
|
CVE-2008-4509
|
2017-09-29 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256719
|
- |
|
microsoft
|
windows_vista
|
Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier allows local users to cause a denial of service (page fault and system crash) via multiple attempts to access a virtual address in a …
|
CWE-399
Resource Management Errors
|
CVE-2008-4510
|
2017-09-29 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256720
|
- |
|
konqueror
|
konqueror
|
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.
|
CWE-20
Improper Input Validation
|
CVE-2008-4514
|
2017-09-29 10:32 |
2008-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
