|
256811
|
- |
|
kvirc
|
kvirc
|
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) an…
|
CWE-20
Improper Input Validation
|
CVE-2008-4748
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256812
|
- |
|
db_soft_lab
|
vimp_x
|
Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files …
|
NVD-CWE-Other
|
CVE-2008-4749
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256813
|
- |
|
dbsoftlab
|
vimp_x
|
Stack-based buffer overflow in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allows remote attackers to execute arbitrary code via a long LogF…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4750
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256814
|
- |
|
tech_logic
|
tlnews
|
TlNews 2.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlNews_login cookie to admin.
|
CWE-287
Improper Authentication
|
CVE-2008-4752
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256815
|
- |
|
aj_square_inc
|
rss_reader
|
SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader allows remote attackers to execute arbitrary SQL commands via the url parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4753
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256816
|
- |
|
scripts-for-sites
|
ez_forum
|
SQL injection vulnerability in forum.php in Scripts for Sites (SFS) Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4754
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256817
|
- |
|
pozscripts
|
classified_auctions_script
|
SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4755
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256818
|
- |
|
php-daily
|
php-daily
|
Cross-site scripting (XSS) vulnerability in add_prest_date.php in PHP-Daily allows remote attackers to inject arbitrary web script or HTML via the date parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-4756
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256819
|
- |
|
php-daily
|
php-daily
|
Multiple SQL injection vulnerabilities in PHP-Daily allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) add_postit.php (b) delete.php, and (c) mod_prest_date.php;…
|
CWE-89
SQL Injection
|
CVE-2008-4757
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256820
|
- |
|
php-daily
|
php-daily
|
Directory traversal vulnerability in download_file.php in PHP-Daily allows remote attackers to read arbitrary local files via a .. (dot dot) in the fichier parameter.
|
CWE-22
Path Traversal
|
CVE-2008-4758
|
2017-09-29 10:32 |
2008-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
