|
257271
|
- |
|
scriptsez
|
easy_image_downloader
|
Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a download action.
|
CWE-22
Path Traversal
|
CVE-2008-6089
|
2017-09-29 10:32 |
2009-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257272
|
- |
|
scriptsez
|
mini_hosting_panel
|
Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. (dot dot) in the dir parameter in a view action.
|
CWE-22
Path Traversal
|
CVE-2008-6090
|
2017-09-29 10:32 |
2009-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257273
|
- |
|
bmforum
|
bmforum
|
SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6091
|
2017-09-29 10:32 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257274
|
- |
|
phpscripts
|
ranking-script
|
phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative access by sending an admin=ja cookie.
|
CWE-287
Improper Authentication
|
CVE-2008-6092
|
2017-09-29 10:32 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257275
|
- |
|
noname-cms
|
noname_cms
|
SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansic…
|
CWE-89
SQL Injection
|
CVE-2008-6093
|
2017-09-29 10:32 |
2009-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257276
|
- |
|
berlios
|
discussion_forum_2k
|
Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to (a) RSS1…
|
CWE-89
SQL Injection
|
CVE-2008-6100
|
2017-09-29 10:32 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257277
|
- |
|
ezonescripts
|
adult_banner_exchange_website
|
SQL injection vulnerability in click.php in Adult Banner Exchange Website allows remote attackers to execute arbitrary SQL commands via the targetid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6101
|
2017-09-29 10:32 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257278
|
- |
|
ezonescripts
|
link_trader_script
|
SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute arbitrary SQL commands via the lnkid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6102
|
2017-09-29 10:32 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257279
|
- |
|
gwm
|
galatolo_webmanager
|
Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6108
|
2017-09-29 10:32 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257280
|
- |
|
netart_media
|
vlog_system
|
SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter.
|
CWE-89
SQL Injection
|
CVE-2008-6111
|
2017-09-29 10:32 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
