CVE-2008-6251

This is an entry in the Common Vulnerability Index under number CVE-2008-6251. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-6251

Description: PHP remote file inclusion vulnerability in includes/init.php in phpFan 3.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter.

Continue Reading …

CVE-2008-6726

This is an entry in the Common Vulnerability Index under number CVE-2008-6726. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-6726

Description: Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a ..

Continue Reading …

CVE-2008-2112

This is an entry in the Common Vulnerability Index under number CVE-2008-2112. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-2112

Description: Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig.

Continue Reading …

CVE-2008-0851

This is an entry in the Common Vulnerability Index under number CVE-2008-0851. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-0851

Description: Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php,

Continue Reading …

CVE-2008-0787

This is an entry in the Common Vulnerability Index under number CVE-2008-0787. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-0787

Description: SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.

Continue Reading …

CVE-2008-1658

This is an entry in the Common Vulnerability Index under number CVE-2008-1658. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-1658

Description: Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.

Continue Reading …

CVE-2008-1008

This is an entry in the Common Vulnerability Index under number CVE-2008-1008. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-1008

Description: Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via the document.domain property.

Continue Reading …

CVE-2008-0646

This is an entry in the Common Vulnerability Index under number CVE-2008-0646. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-0646

Description: The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted bencoded message.

Continue Reading …

CVE-2008-4498

This is an entry in the Common Vulnerability Index under number CVE-2008-4498. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-4498

Description: SQL injection vulnerability in searchresults.php in PHP Autos 2.9.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2008-0541

This is an entry in the Common Vulnerability Index under number CVE-2008-0541. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2008-0541

Description: Multiple cross-site scripting (XSS) vulnerabilities in forum.php in Gerd Tentler Simple Forum 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) open and (2) date_show parameters.

Continue Reading …