|
260991
|
- |
|
drupal
|
localization_client
localization_server
|
Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x before 5.x-1.1 and 6.x before 6.x-1.6 and the Localization server 5.x before 5.x-1.0-alpha5 and 6.x before 6.x-alpha2, m…
|
CWE-352
Origin Validation Error
|
CVE-2008-6169
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260992
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6170
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260993
|
- |
|
drupal
|
drupal
|
includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the…
|
CWE-16
CWE-20
Configuration
Improper Input Validation
|
CVE-2008-6171
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260994
|
- |
|
clip-share
|
clipshare
|
Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6173
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260995
|
- |
|
jetbox
|
jetbox_cms
|
Cross-site scripting (XSS) vulnerability in admin/postlister/index.php in Jetbox CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via the liste parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6174
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260996
|
- |
|
gforge
|
gforge
|
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, whi…
|
CWE-89
SQL Injection
|
CVE-2008-6189
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260997
|
- |
|
eeb-welt
|
eebcms
|
Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6190
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260998
|
- |
|
intrinsic
|
swimage_encore
|
Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a hardcoded password, which might allow local users to decrypt certain .bin files. NOTE: it is not clear whether this issue crosses…
|
CWE-255
Credentials Management
|
CVE-2008-6191
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260999
|
- |
|
sun
|
java_system_portal_server
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vect…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6192
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261000
|
- |
|
philippe_crochat
|
easysite
|
Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT EasySite 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the EASYSITE_BASE parameter to (1) browser.php, (…
|
CWE-94
Code Injection
|
CVE-2008-6196
|
2017-08-17 10:29 |
2009-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
