CVE-2008-5177 (yosemite_backup) Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attackers to (1) execute arbitrary code on a Linux platform, related to...
CVE-2008-5180 (office_communicator) Microsoft Communicator allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigger the creation...
CVE-2008-5178 (opera) Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI.
CVE-2008-5176 (wincom_mpd_total) Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.623 and earlier allow remote attackers to execute arbitrary code via (1) a long 0x02 command...
CVE-2008-5181 (office_communicator) Microsoft Communicator allows remote attackers to cause a denial of service (application or device outage) via instant messages containing large numbers of emoticons.
CVE-2008-5170 (cheats_complete_website) SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
CVE-2008-5168 (tips_complete_website) SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter.
CVE-2008-5164 (the_rat_cms) Multiple cross-site scripting (XSS) vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to inject arbitrary web script or HTML via the (1) id...
CVE-2008-5166 (riddles_website) SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execute arbitrary SQL commands via the riddleid parameter.
CVE-2008-5171 (phpblaster_cms) Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files...
CVE-2008-5175 (aceftp) Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 allows remote FTP servers to create or overwrite arbitrary files...
CVE-2008-5169 (drinks_complete_website) SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attackers to execute arbitrary SQL commands via the drinkid parameter.
CVE-2008-5174 (jokes_complete_website) SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to execute arbitrary SQL commands via the jokeid parameter.
CVE-2008-5167 (orca) PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code...
CVE-2008-5173 (testmaker) Unspecified vulnerability in testMaker before 3.0p16 allows remote authenticated users to execute arbitrary PHP code via unspecified attack vectors.
Latest Exploits
cambridge-sql.txt VisitCambridge.org suffers from a remote SQL injection vulnerability.
verlihub-exec.txt Verlihub versions 0.9.8d-RC2 and below suffer from a remote command execution vulnerability due to a lack of input sanitization.
joomlathyme-sql.txt The Joomla Thyme component version 1.0 suffers from a remote SQL injection vulnerability.
BitDefenderDOS.zip Proof of concept malicious pdf file that causes a denial of service and infinite loop in BitDefender using the pdf.xmd module.
kvirc-exec.txt KVIrc version 3.4.2 Shiny URI handler remote code execution exploit.
SANS Security Policy
WebShag v.1.00
OWSA Assistant
Zodiac 0.4.9
PuttyHijack 1.0
Packetstorm 2007 Exploits Collection (4)
