|
257611
|
- |
|
phplizardo
|
imperialbb
|
Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar param…
|
CWE-94
Code Injection
|
CVE-2008-3093
|
2017-09-29 10:31 |
2008-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257612
|
- |
|
phpmotion
|
phpmotion
|
Unrestricted file upload vulnerability in update_profile.php in PHPmotion 2.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a .php file with a content type of (…
|
CWE-20
Improper Input Validation
|
CVE-2008-3117
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257613
|
- |
|
phpmotion
|
phpmotion
|
Information from the vendor and further analysis show that the application is not affected by these issues.
|
CWE-20
Improper Input Validation
|
CVE-2008-3117
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257614
|
- |
|
phpmotion
|
phpmotion
|
SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3118
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257615
|
- |
|
phpmotion
|
phpmotion
|
RETIRED: Information from the vendor and further analysis show that the application is not affected by these issues.
|
CWE-89
SQL Injection
|
CVE-2008-3118
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257616
|
- |
|
dreamlevels
|
dream_pics_builder
|
SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3119
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257617
|
- |
|
mole_group
|
real_estate_script
|
SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
|
CWE-89
SQL Injection
|
CVE-2008-3123
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257618
|
- |
|
mole_group
|
hotel_script
|
SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter.
|
CWE-89
SQL Injection
|
CVE-2008-3124
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257619
|
- |
|
hiox_india
|
banner_rotator
|
PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in …
|
CWE-20
Improper Input Validation
|
CVE-2008-3127
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257620
|
- |
|
pivot
|
pivot
|
Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter.
|
CWE-22
Path Traversal
|
CVE-2008-3128
|
2017-09-29 10:31 |
2008-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
