|
258251
|
- |
|
mx-system
|
mxbb
|
PHP remote file inclusion vulnerability in includes/functions_weblog.php in mxBB mx_blogs 2.0.0 beta allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter.
|
CWE-94
Code Injection
|
CVE-2008-1712
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258252
|
- |
|
noticeware
|
email_server
|
MailServer.exe in NoticeWare Email Server 4.6.1.0 allows remote attackers to cause a denial of service (application crash) via a long string to IMAP port (143/tcp).
|
NVD-CWE-Other
|
CVE-2008-1713
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258253
|
- |
|
fascript
|
faphoto
|
SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1714
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258254
|
- |
|
auracms
|
auracms
|
SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1715
|
2017-09-29 10:30 |
2008-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258255
|
- |
|
nsoftware
|
ibiz_e-banking_integrator
|
The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz E-Banking Integrator (formerly IBiz OFX Integrator) 2.0.2932 exposes the unsafe WriteOFXDataFile method, which allows remote attac…
|
NVD-CWE-Other
|
CVE-2008-1725
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258256
|
- |
|
myknowledgequest
|
knowledgequest
|
Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext…
|
CWE-89
SQL Injection
|
CVE-2008-1726
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258257
|
- |
|
myknowledgequest
|
knowledgequest
|
KnowledgeQuest 2.5 and 2.6 does not require authentication for access to admincheck.php, which allows remote attackers to create arbitrary admin accounts.
|
CWE-287
Improper Authentication
|
CVE-2008-1727
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258258
|
- |
|
predictionfootball
|
predictionfootball
|
SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action.
|
CWE-89
SQL Injection
|
CVE-2008-1732
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258259
|
- |
|
livecart
|
livecart
|
SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI.
|
CWE-89
SQL Injection
|
CVE-2008-1750
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258260
|
- |
|
ksemail
|
ksemail
|
Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) language and (2) lang parameters.
|
CWE-22
Path Traversal
|
CVE-2008-1751
|
2017-09-29 10:30 |
2008-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
