|
258731
|
- |
|
sun
|
solaris
|
Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions.
|
NVD-CWE-noinfo
|
CVE-2008-0242
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258732
|
- |
|
uploadscript
|
uploadimage
uploadscript
|
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0245
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258733
|
- |
|
uploadscript
|
uploadimage
uploadscript
|
admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0246
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258734
|
- |
|
streamaudio
|
chaincast_proxymanager_activex_control
|
Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0248
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258735
|
- |
|
microsoft
|
visual_interdev
|
Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long Project line.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0250
|
2017-09-29 10:30 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258736
|
- |
|
wavelink_media
|
tutorialcms
|
SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userNam…
|
CWE-89
SQL Injection
|
CVE-2008-0254
|
2017-09-29 10:30 |
2008-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258737
|
- |
|
igamingcms
|
igaming_cms
|
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter.
|
CWE-89
SQL Injection
|
CVE-2008-0255
|
2017-09-29 10:30 |
2008-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258738
|
- |
|
matteo_binda
|
asp_photo_gallery
|
Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c…
|
CWE-89
SQL Injection
|
CVE-2008-0256
|
2017-09-29 10:30 |
2008-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258739
|
- |
|
minimal_design
|
minimal_gallery
|
Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parame…
|
CWE-22
Path Traversal
|
CVE-2008-0259
|
2017-09-29 10:30 |
2008-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258740
|
- |
|
minimal_design
|
minimal_gallery
|
minimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to php_info.php, which calls the phpinfo function.
|
CWE-20
Improper Input Validation
|
CVE-2008-0260
|
2017-09-29 10:30 |
2008-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
