Accueil » Vulnérabilités & Alertes » Page 1
CVE-2008-5838 SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Éditeur Ephpscripts - CVSS Score 7.5
0 commentaire
0 commentaire CVE-2008-5839 Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element.
Éditeur Foxmail - CVSS Score 9.3
0 commentaire
0 commentaire CVE-2008-5840 PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1.
Éditeur Phpicalendar - CVSS Score 7.5
0 commentaire
0 commentaire CVE-2008-5841 Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the...
Éditeur Igamingcms - CVSS Score 7.5
0 commentaire
0 commentaire CVE-2006-7236 The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have...
Éditeur Invisible-island - CVSS Score 10.0
0 commentaire
0 commentaire
CVE-2008-2383 CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status...
Éditeur Unknown
0 commentaire
0 commentaire
CVE-2008-5808 Cross-site scripting (XSS) vulnerability in Six Apart Movable Type Enterprise (MTE) 1.x before 1.56; Movable Type (MT) 3.x before 3.38; and Movable Type, Movable Type Open Source (MTOS), and...
Éditeur Unknown
0 commentaire
0 commentaire
CVE-2008-5809 futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and Access Analyzer CGI Professional 4.11.3 and earlier use a predictable session id, which makes it easier for remote attackers to...
Éditeur Unknown
0 commentaire
0 commentaire CVE-2008-5810 WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that...
Éditeur Fujitsu-siemens - CVSS Score 10.0
0 commentaire
0 commentaire CVE-2008-5811 SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php.
Éditeur Joomla - CVSS Score 7.5
0 commentaire
0 commentaire CVE-2008-5812 Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 have unknown impact and attack vectors.
Éditeur Spip - CVSS Score 10.0
0 commentaire
0 commentaire CVE-2008-5813 SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter....
Éditeur Spip - CVSS Score 7.5
0 commentaire
0 commentaire
CVE-2008-5814 Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
Éditeur Php - CVSS Score 2.6
0 commentaire
0 commentaire CVE-2008-5815 SQL injection vulnerability in Acomment.php in phpAlumni allows remote attackers to execute arbitrary SQL commands via the id parameter.
Éditeur Phpalumni - CVSS Score 7.5
0 commentaire
0 commentaire CVE-2008-5816 SQL injection vulnerability in repository.php in ILIAS 3.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ref_id parameter.
Éditeur Ilias - CVSS Score 7.5
0 commentaire
0 commentaire