|
262011
|
- |
|
drupal
|
drupal
|
The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4790
|
2017-08-8 10:32 |
2008-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262012
|
- |
|
drupal
|
drupal
|
The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules.
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4793
|
2017-08-8 10:32 |
2008-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262013
|
- |
|
opera
|
opera
|
Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696.
|
CWE-20
Improper Input Validation
|
CVE-2008-4794
|
2017-08-8 10:32 |
2008-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262014
|
- |
|
opera
|
opera
|
The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site sc…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4795
|
2017-08-8 10:32 |
2008-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262015
|
- |
|
arihiro_kurta
|
kantan_web_server
|
Directory traversal vulnerability in Arihiro Kurata Kantan WEB Server 1.8 and earlier allows remote attackers to read arbitrary files via unknown vectors.
|
CWE-22
Path Traversal
|
CVE-2008-4797
|
2017-08-8 10:32 |
2008-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262016
|
- |
|
webgui
|
webgui
|
The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 (stable) allows remote attackers to execute arbitrary code by uploading a Perl module and accessing it via a crafted URL.
|
CWE-94
Code Injection
|
CVE-2008-4798
|
2017-08-8 10:32 |
2008-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262017
|
- |
|
netpbm
|
netpbm
|
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that trigg…
|
CWE-189
Numeric Errors
|
CVE-2008-4799
|
2017-08-8 10:32 |
2008-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262018
|
- |
|
simple_php_scripts
|
blog
|
Cross-site scripting (XSS) vulnerability in complete.php in Simple PHP Scripts blog 0.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of t…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4802
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262019
|
- |
|
simple_php_scripts
|
gallery
|
Cross-site scripting (XSS) vulnerability in index.php in Simple PHP Scripts gallery 0.1, 0.3, and 0.4 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. NOTE: …
|
CWE-79
Cross-site Scripting
|
CVE-2008-4803
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262020
|
- |
|
ibm
|
lotus_connections
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the community title, (2) API input,…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4805
|
2017-08-8 10:32 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
