|
256751
|
- |
|
steve_dawson
|
pokermax_poker_league_tournament_script
|
configure.php in PokerMax Poker League Tournament Script 0.13 allows remote attackers to bypass authentication and gain administrative access by setting the ValidUserAdmin cookie.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4600
|
2017-09-29 10:32 |
2008-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256752
|
- |
|
qualityunit
|
post_affiliate_pro
|
Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter.
|
CWE-22
Path Traversal
|
CVE-2008-4602
|
2017-09-29 10:32 |
2008-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256753
|
- |
|
igaming
|
cms
|
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
|
CWE-89
SQL Injection
|
CVE-2008-4603
|
2017-09-29 10:32 |
2008-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256754
|
- |
|
cafeengine
|
easycafeengine
|
SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4604
|
2017-09-29 10:32 |
2008-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256755
|
- |
|
cafeengine
|
easycafeengine
|
SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php.
|
CWE-89
SQL Injection
|
CVE-2008-4605
|
2017-09-29 10:32 |
2008-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256756
|
- |
|
ip_reg
|
ip_reg
|
Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id paramete…
|
CWE-89
SQL Injection
|
CVE-2008-4606
|
2017-09-29 10:32 |
2008-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256757
|
- |
|
portalapp
|
portalapp
|
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4613
|
2017-09-29 10:32 |
2008-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256758
|
- |
|
portalapp
|
portalapp
|
PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.
|
CWE-287
Improper Authentication
|
CVE-2008-4614
|
2017-09-29 10:32 |
2008-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256759
|
- |
|
pyxicom
|
actualite
|
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4617
|
2017-09-29 10:32 |
2008-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256760
|
- |
|
mrbs
|
mrbs
|
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.ph…
|
CWE-89
SQL Injection
|
CVE-2008-4620
|
2017-09-29 10:32 |
2008-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
