Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI. Date published : 2008-08-06 http://www.securityfocus.com/bid/29975 https://www.exploit-db.com/exploits/5941
Unspecified vulnerability in mask PHP File Manager (mPFM) before 2.3 has unknown impact and remote attack vectors related to "manipulation of cookies." Date published : 2008-08-06 http://www.securityfocus.com/bid/29926 http://sourceforge.net/project/shownotes.php?release_id=608915
RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration System (CS) RSS feeds, which allows remote attackers to obtain sensitive information (CS data). Date published : 2008-08-06 http://www.securityfocus.com/bid/29927 http://www.webgui.org/getwebgui/advisories/webgui-7_5_13-beta-released
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service (CPU or memory consumption) via unspecified vectors related to the Devel::StackTrace module for Perl....
Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2008-08-06 http://www.securityfocus.com/bid/29922 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028200.html
Cross-site scripting (XSS) vulnerability in the Suggested Terms module 5.x before 5.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via crafted Taxonomy terms. Date published : 2008-08-06 http://www.securityfocus.com/bid/29953...
Unspecified vulnerability in "a page in the workarea folder" in Ektron CMS400.NET 7.00 through 7.04 and 7.50 through 7.52 has unknown impact and attack vectors. Date published : 2008-08-06 http://dev.ektron.com/kb_article.aspx?id=18294 http://secunia.com/advisories/30858
SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these...
SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter. Date published : 2008-08-06 http://www.securityfocus.com/bid/29940 https://www.exploit-db.com/exploits/5937
Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors. Date published :...
SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. Date published : 2008-08-06 http://www.securityfocus.com/bid/30534 http://downloads.securityfocus.com/vulnerabilities/exploits/30534.pl
8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass intended restrictions via an extra HTTP Host header with additional leading text placed before the real Host header. Date published : 2008-08-06 http://www.securityfocus.com/bid/30541 http://www.securityfocus.com/archive/1/495117/100/0/threaded
vncviewer.exe in RealVNC Windows Client 4.1.2.0 allows remote VNC servers to cause a denial of service (application crash) via a crafted frame buffer update packet. Date published : 2008-08-06 http://www.securityfocus.com/bid/30499 https://www.exploit-db.com/exploits/6181
America’s Army (aka AA or Army Game Project) 2.8.3.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted UDP packet, probably involving a VoiceIndex...