-
Badware
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2090 (Solaris)
- CVE-2008-2093 (community_builder, com_comprofiler)
- CVE-2008-2093 (community_builder, com_comprofiler)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2089 (Solaris)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2093 (community_builder, com_comprofiler)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2091 (kubelance)
- CVE-2008-2089 (Solaris)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2093 (community_builder, com_comprofiler)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2089 (Solaris)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
Categories
Monthly Archives: April 2008
CVE-2008-1971 (phshoutbox_final)
phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows remote attackers to gain privileges by setting the (1) phadmin cookie to admin.php, or (2) in 1.4 and earlier, the ssbadmin cookie to shoutadmin.php.
Posted in Badware
Leave a comment
CVE-2008-1971 (phshoutbox_final)
phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows remote attackers to gain privileges by setting the (1) phadmin cookie to admin.php, or (2) in 1.4 and earlier, the ssbadmin cookie to shoutadmin.php.
Posted in Badware
Leave a comment
CVE-2008-1986 (Pixel Motion Blog)
Cross-site scripting (XSS) vulnerability in liste_article.php in Blog Pixel Motion (aka PixelMotion) allows remote attackers to inject arbitrary web script or HTML via the jours parameter.
Posted in Badware
Leave a comment
CVE-2008-1971 (phshoutbox_final)
phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows remote attackers to gain privileges by setting the (1) phadmin cookie to admin.php, or (2) in 1.4 and earlier, the ssbadmin cookie to shoutadmin.php.
Posted in Badware
Leave a comment
CVE-2008-1984 (Secure Content Manager)
The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service (crash or CPU consumption) via a malformed packet to TCP port 1882.
Posted in Badware
Leave a comment
CVE-2008-1973 (subedit_player)
Heap-based buffer overflow in SubEdit Player build 4056 and 4066 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long subtitle file.
Posted in Badware
Leave a comment
CVE-2008-1971 (phshoutbox_final)
phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows remote attackers to gain privileges by setting the (1) phadmin cookie to admin.php, or (2) in 1.4 and earlier, the ssbadmin cookie to shoutadmin.php.
Posted in Badware
Leave a comment
CVE-2008-1984 (Secure Content Manager)
The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service (crash or CPU consumption) via a malformed packet to TCP port 1882.
Posted in Badware
Leave a comment
CVE-2008-1986 (Pixel Motion Blog)
Cross-site scripting (XSS) vulnerability in liste_article.php in Blog Pixel Motion (aka PixelMotion) allows remote attackers to inject arbitrary web script or HTML via the jours parameter.
Posted in Badware
Leave a comment
CVE-2008-1975 (e_reserve)
SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote attackers to execute arbitrary SQL commands via the ID_loc parameter.
Posted in Badware
Leave a comment