CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
12751 CVE-2008-7248 20 Bypass CSRF 2009-12-15 2019-08-08
6.8
None Remote Medium Not required Partial Partial Partial
Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.
12752 CVE-2008-7247 59 Bypass 2009-11-30 2018-01-04
6.0
None Remote Medium Single system Partial Partial Partial
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
12753 CVE-2008-7243 352 CSRF 2009-09-17 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS 0.9.6.1 and 0.9.6.1p1 allows remote attackers to hijack the authentication of other users for requests that modify passwords via manager/index.php. NOTE: due to the lack of details, it is not clear whether this is related to CVE-2008-5941.
12754 CVE-2008-7241 352 CSRF 2009-09-17 2009-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in PunBB before 1.2.17 allows remote attackers to hijack the authentication of unspecified users for requests related to a logout, probably a forced logout.
12755 CVE-2008-7238 2009-09-14 2012-10-22
6.0
None Remote Medium Single system Partial Partial Partial
Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component (APP01); (2) remote attackers to affect confidentiality via unknown vectors related to the Oracle Applications Framework (APP03); remote authenticated users to affect confidentiality and integrity via unknown vectors related to the (3) CRM Technical Foundation (APP05) and (4) Oracle Application Object Library (APP06); and remote authenticated users to affect integrity and availability via unknown vectors related to (5) Oracle Applications Technology Stack (APP07).
12756 CVE-2008-7234 2009-09-14 2012-10-22
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03.
12757 CVE-2008-7221 352 CSRF 2009-09-14 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows remote attackers to hijack the authentication of administrators for requests that (1) add new administrators or (2) modify user profiles via a crafted request to system/admin.php.
12758 CVE-2008-7214 352 XSS CSRF 2009-09-11 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add new administrator accounts via the save task in a com_users action, as demonstrated using a separate XSS vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php.
12759 CVE-2008-7211 +Priv 2009-09-11 2018-10-11
6.9
Admin Local Medium Not required Complete Complete Complete
CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Ensoniq PCI 1371 sound cards and when running on Windows Vista, does not create a Functional Device Object (FDO) to prevent user-moade access to the Physical Device Object (PDO), which allows local users to gain SYSTEM privileges via a crafted IRP request that dereferences a NULL FsContext pointer.
12760 CVE-2008-7208 89 Exec Code Sql 2009-09-11 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php.
12761 CVE-2008-7204 352 CSRF 2009-09-11 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
12762 CVE-2008-7193 352 CSRF 2009-09-09 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks by reading the PHPKITSID parameter from the HTTP Referer and using it in a request to (1) modify the user profile via upload_files/include.php or (2) create a new administrator via upload_files/pk/include.php.
12763 CVE-2008-7192 352 CSRF 2009-09-09 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
12764 CVE-2008-7183 94 Exec Code File Inclusion 2009-09-08 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the eva[caminho] parameter to index.php.
12765 CVE-2008-7176 22 Dir. Trav. 2009-09-08 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php.
12766 CVE-2008-7165 352 CSRF 2009-09-04 2018-10-11
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the administrator panel in TELECOM ITALIA Alice Gate2 Plus Wi-Fi allows remote attackers to hijack the authentication of administrators for requests that disable Wi-Fi encryption via certain values for the wlChannel and wlRadioEnable parameters.
12767 CVE-2008-7163 22 Dir. Trav. 2009-09-04 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in mods/Integrated/index.php in SineCMS 2.3.5 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the sine[config][index_main] parameter.
12768 CVE-2008-7157 264 Exec Code 2009-09-02 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in uploaded/avatars/.
12769 CVE-2008-7156 287 +Priv Bypass 2009-09-02 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php.
12770 CVE-2008-7152 94 Exec Code File Inclusion 2009-09-01 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) client.php or (2) taxonservice.php.
12771 CVE-2008-7151 352 Exec Code CSRF 2009-09-01 2017-08-16
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Live 5.x before 5.x-0.1, a module for Drupal, allows remote attackers to hijack the authentication of unspecified privileged users for requests that can be leveraged to execute arbitrary PHP code.
12772 CVE-2008-7143 200 +Info 2009-09-01 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
phpBB 2.0.23 includes the session ID in a request to modcp.php when the moderator or administrator closes a thread, which allows remote attackers to hijack the session via a post in the thread containing a URL to a remotely hosted image, which might include the session ID in the Referer header.
12773 CVE-2008-7139 352 CSRF 2009-09-01 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in WS-Proxy in Eye-Fi 1.1.2 allow remote attackers to hijack the authentication of users for requests that modify configuration via a SOAPAction parameter of (1) urn:SetOptions for autostart, (2) urn:SetDesktopSync for file upload, or (3) urn:SetFolderConfig for file download location or modification of authentication credentials; and (4) urn:AddNetwork for adding an arbitrary Service Set Identifier (SSID) to hijack the image upload.
12774 CVE-2008-7131 2009-08-31 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to gain access to a database via a link to a victim who is already connected to the database.
12775 CVE-2008-7123 94 Bypass 2009-08-31 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check.
12776 CVE-2008-7114 89 Exec Code Sql 2009-08-28 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field.
12777 CVE-2008-7113 310 2009-08-28 2017-08-16
6.4
None Remote Low Not required Partial Partial None
The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 uses a small space of predictable user identification numbers for access control, which allows remote attackers to upload documents via a brute force attack.
12778 CVE-2008-7100 +Priv Bypass 2009-08-27 2017-08-16
6.5
User Remote Low Single system Partial Partial Partial
Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user actions and improper validation of a "user identity."
12779 CVE-2008-7099 Exec Code 2009-08-27 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Manage Templates feature in Qsoft K-Rate Premium allows remote attackers to execute arbitrary PHP code via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
12780 CVE-2008-7096 264 +Priv 2009-08-27 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3.
12781 CVE-2008-7093 22 Dir. Trav. 2009-08-26 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to Campaign/CampaignListener.
12782 CVE-2008-7088 20 Exec Code 2009-08-26 2017-09-28
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in upload.php in PhotoPost vBGallery 2.4.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in a certain path. NOTE: this may be the same vulnerability as CVE-2008-0251, but this is not clear due to lack of details from the vendor.
12783 CVE-2008-7082 352 Bypass CSRF 2009-08-25 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
MyBB (aka MyBulletinBoard) 1.4.3 includes the sensitive my_post_key parameter in URLs to moderation.php with the (1) mergeposts, (2) split, and (3) deleteposts actions, which allows remote attackers to steal the token and bypass the cross-site request forgery (CSRF) protection mechanism to hijack the authentication of moderators by reading the token from the HTTP Referer header.
12784 CVE-2008-7076 264 Exec Code 2009-08-25 2017-09-28
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in user.modify.profile.php in Kalptaru Infotech Ltd. Star Articles 6.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile photo, then accessing it via a direct request to the file in authorphoto/.
12785 CVE-2008-7073 94 Exec Code File Inclusion 2009-08-25 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in lib/action/rss.php in RSS module 0.1 for Pie Web M{a,e}sher, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lib parameter.
12786 CVE-2008-7068 20 DoS 2009-08-25 2018-10-30
6.4
None Remote Low Not required None Partial Partial
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file.
12787 CVE-2008-7062 264 Exec Code 2009-08-25 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in admin/index.php in Download Manager module 1.0 for LoveCMS 1.6.2 Final allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/.
12788 CVE-2008-7058 352 CSRF 2009-08-24 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in BandSite CMS 1.1.4 allows remote attackers to hijack the authentication of administrators and force a logout via adminpanel/logout.php.
12789 CVE-2008-7052 20 Exec Code 2009-08-24 2017-09-28
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in profile.php in Pre Projects Pre Real Estate Listings allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in re_images/.
12790 CVE-2008-7046 287 Bypass 2009-08-24 2009-08-24
6.4
None Remote Low Not required Partial Partial None
AJ Square Free Polling Script (AJPoll) allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
12791 CVE-2008-7045 287 Bypass 2009-08-24 2017-09-28
6.4
None Remote Low Not required Partial Partial None
AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
12792 CVE-2008-7032 352 Exec Code CSRF 2009-08-24 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Web Management Console Cross-site request forgery (CSRF) vulnerability in the web management console in F5 BIG-IP 9.4.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrators and execute shell commands, as demonstrated using tmui/Control/form.
12793 CVE-2008-7029 20 Exec Code 2009-08-24 2018-10-11
6.0
None Remote Medium Single system Partial Partial Partial
Unrestricted file upload vulnerability in usercp.php in AlilG Application AliBoard Beta allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in uploads/avatars/.
12794 CVE-2008-7026 264 Exec Code 2009-08-21 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in filesystem3.class.php in eFront 3.5.1 build 2710 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in (1) student/avatars/ or (2) professor/avatars/.
12795 CVE-2008-7024 264 +Priv Bypass 2009-08-21 2018-10-11
6.8
User Remote Medium Not required Partial Partial Partial
admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."
12796 CVE-2008-7021 Exec Code 2009-08-21 2017-09-28
6.0
None Remote Medium Single system Partial Partial Partial
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory.
12797 CVE-2008-7016 352 CSRF 2009-08-21 2017-08-16
6.8
User Remote Medium Not required Partial Partial Partial
tnftpd before 20080929 splits large command strings into multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unknown vectors, probably involving a crafted ftp:// link to a tnftpd server.
12798 CVE-2008-7009 119 Exec Code Overflow 2009-08-19 2018-10-11
6.9
None Local Medium Not required Complete Complete Complete
Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information.
12799 CVE-2008-6986 89 Exec Code Sql 2009-08-19 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985.
12800 CVE-2008-6985 89 Exec Code Sql 2009-08-19 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.