|
263741
|
- |
|
typo3
|
air_filemanager
|
Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2344
|
2017-08-8 10:30 |
2008-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263742
|
- |
|
typo3
|
air_filemanager
|
Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filt…
|
CWE-94
Code Injection
|
CVE-2008-2345
|
2017-08-8 10:30 |
2008-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263743
|
- |
|
bcoos
|
bcoos
|
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2008-2350
|
2017-08-8 10:30 |
2008-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263744
|
- |
|
testmaker
|
testmaker
|
Unspecified vulnerability in the data export function in testMaker before 3.0p10 allows test authors to obtain access to export data via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2008-2354
|
2017-08-8 10:30 |
2008-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263745
|
- |
|
fedora_8
redhat
|
consolehelper
fedora_8
|
The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges a…
|
CWE-16
Configuration
|
CVE-2008-2359
|
2017-08-8 10:30 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263746
|
- |
|
pan
|
pan
|
The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for Parts batches, which allows remote attackers to cause a denial of service (application crash) and possib…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2363
|
2017-08-8 10:30 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263747
|
- |
|
redhat
|
certificate_system
|
Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2367
|
2017-08-8 10:30 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263748
|
- |
|
redhat
|
certificate_system
|
Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these file…
|
CWE-255
Credentials Management
|
CVE-2008-2368
|
2017-08-8 10:30 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263749
|
- |
|
gnu
|
gnutls
|
Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of ser…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2377
|
2017-08-8 10:30 |
2008-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263750
|
- |
|
hf
|
hf
|
Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2378
|
2017-08-8 10:30 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
