|
262081
|
- |
|
sarab
|
sarab
|
The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process.
|
CWE-200
Information Exposure
|
CVE-2008-2517
|
2017-08-8 10:31 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262082
|
- |
|
sun
|
java_system_web_server
|
Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2518
|
2017-08-8 10:31 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262083
|
- |
|
core_ftp
|
core_ftp
|
Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a relate…
|
CWE-22
Path Traversal
|
CVE-2008-2519
|
2017-08-8 10:31 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262084
|
- |
|
raknet
|
autopatcher_server
|
SQL injection vulnerability in the Autopatcher server plugin in RakNet before 3.23 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-2523
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262085
|
- |
|
blogphp
|
blogphp
|
BlogPHP 2.0 allows remote attackers to bypass authentication, and post (1) messages or (2) comments as an arbitrary user, via a modified blogphp_username field in a cookie.
|
CWE-287
Improper Authentication
|
CVE-2008-2524
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262086
|
- |
|
typo3
|
rlmp_eventdb
|
Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2525
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262087
|
- |
|
typo3
|
wt_gallery
|
Cross-site scripting (XSS) vulnerability in the WT Gallery (aka wt_gallery) extension 2.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2008-2526
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262088
|
- |
|
citrix
|
access_gateway
|
Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network re…
|
NVD-CWE-noinfo
CWE-287
Improper Authentication
|
CVE-2008-2528
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262089
|
- |
|
buildanichestore3
|
bans
|
Cross-site scripting (XSS) vulnerability in the search script in Build A Niche Store (BANS) 3.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
CWE-352
Origin Validation Error
|
CVE-2008-2531
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262090
|
- |
|
sun
|
cluster
|
The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlying ufs filesystem is used, might allow local users to read data from arbitrary deleted files, or cor…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2539
|
2017-08-8 10:31 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
