Total
5663 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2832 | 1 Fullrevolution | 1 Aspwebcalendar2008 | 2025-04-09 | N/A |
| Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/. | ||||
| CVE-2008-2769 | 1 Phpraider | 1 Phpraider | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in authentication/smf/smf.functions.php in Simple Machines phpRaider 1.0.6 and 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[smf_path] parameter. | ||||
| CVE-2007-6057 | 1 Datecomm | 1 Social Networking Script | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in datecomm Social Networking Script (aka Myspace Clone Script) allows remote attackers to execute arbitrary PHP code via a URL in the pg parameter. | ||||
| CVE-2008-2689 | 1 Browsercrm | 1 Browsercrm | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote attackers to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter. | ||||
| CVE-2009-2531 | 1 Microsoft | 7 Internet Explorer, Windows 2000, Windows 7 and 4 more | 2025-04-09 | N/A |
| Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530. | ||||
| CVE-2008-2649 | 1 Don3 | 1 Desktoponnet | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in DesktopOnNet 3 Beta allow remote attackers to execute arbitrary PHP code via a URL in the app_path parameter to (1) don3_requiem.don3app/don3_requiem.php and (2) frontpage.don3app/frontpage.php. | ||||
| CVE-2008-2480 | 1 Plusphp | 1 Plusphp Short Url Multi-user Script | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the _pages_dir parameter. | ||||
| CVE-2008-2436 | 1 Novell | 1 Iprint Client | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx. | ||||
| CVE-2007-6082 | 1 Sciurus | 1 Sciurus Hosting Panel | 2025-04-09 | N/A |
| Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can be executed by accessing includes/news.php. | ||||
| CVE-2007-6088 | 1 Phpbbviet | 1 Phpbbviet | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2007-6089 | 1 Mebiblio | 1 Mebiblio | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. | ||||
| CVE-2008-2390 | 1 Hp | 1 Software Update | 2025-04-09 | N/A |
| Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument. | ||||
| CVE-2008-2341 | 1 Avalonnet | 1 News Manager | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in ch_readalso.php in News Manager 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the read_xml_include parameter. | ||||
| CVE-2008-2345 | 1 Typo3 | 1 Air Filemanager | 2025-04-09 | N/A |
| Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering." | ||||
| CVE-2008-2270 | 1 Phpway | 1 Kostenloses Linkmanagementscript | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenloses Linkmanagementscript allow remote attackers to execute arbitrary PHP code via a URL in the (1) main_page_directory and (2) page_to_include parameters in template\index.php. | ||||
| CVE-2008-2198 | 1 Kmita Tellfriend | 1 Tellfriend | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in kmitaadmin/kmitat/htmlcode.php in Kmita Tellfriend 2.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | ||||
| CVE-2008-2195 | 1 Deluxebb | 1 Deluxebb | 2025-04-09 | N/A |
| Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and earlier allows remote authenticated administrators to inject arbitrary PHP code into logs/cp.php via the URI. | ||||
| CVE-2007-4009 | 1 Parallels | 1 Confixx | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter. | ||||
| CVE-2009-3019 | 1 Microsoft | 3 Internet Explorer, Windows Vista, Windows Xp | 2025-04-09 | N/A |
| Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet Explorer 7 on Vista, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls createElement to create an instance of the LI element, and then calls setAttribute to set the value attribute. | ||||
| CVE-2008-2074 | 1 Successkid | 1 Harris Wap Chat | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities Harris Yusuf Arifin Harris Wap Chat 1.0, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the sysFileDir parameter to (1) eng.writeMsg.php, (2) eng.adCreate.php, (3) eng.adCreateSave.php, (4) eng.adDispByTypeOptions.php, (5) eng.createRoom.php, (6) eng.forward.php, (7) eng.pageLogout.php, (8) eng.resultMember.php, (9) eng.roomDeleteConfirm.php, (10) eng.saveNewRoom.php, and (11) eng.searchMember.php in src/. | ||||