|
258351
|
- |
|
minibb
|
minibb
|
miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, w…
|
CWE-200
Information Exposure
|
CVE-2008-2028
|
2017-09-29 10:30 |
2008-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258352
|
- |
|
minibb
|
minibb
|
Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitra…
|
CWE-89
SQL Injection
|
CVE-2008-2029
|
2017-09-29 10:30 |
2008-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258353
|
- |
|
aspindir
|
angelo-emlak
|
Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp.
|
CWE-89
SQL Injection
|
CVE-2008-2047
|
2017-09-29 10:30 |
2008-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258354
|
- |
|
aspindir
|
angelo-emlak
|
Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2048
|
2017-09-29 10:30 |
2008-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258355
|
- |
|
joovili
|
joovili
|
SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2063
|
2017-09-29 10:30 |
2008-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258356
|
- |
|
yourfreeworld
|
jokes_site_script
|
SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter.
|
CWE-89
SQL Injection
|
CVE-2008-2065
|
2017-09-29 10:30 |
2008-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258357
|
- |
|
xzero_scripts
|
xzero_community_classifieds
|
PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_escape paramet…
|
CWE-94
Code Injection
|
CVE-2007-6568
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258358
|
- |
|
brand039
|
mmslamp
|
SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action.
|
CWE-89
SQL Injection
|
CVE-2007-6575
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258359
|
- |
|
adultscript
|
adultscript
|
Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.
|
CWE-89
SQL Injection
|
CVE-2007-6576
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258360
|
- |
|
zsuite
|
zblog
|
Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in…
|
CWE-89
SQL Injection
|
CVE-2007-6577
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
