Search Results (363668 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6410 1 Brian Wilson 1 Ol\'bookmarks 2026-04-23 N/A
Directory traversal vulnerability in show.php in ol'bookmarks manager 0.7.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the show parameter.
CVE-2008-4506 1 Ibm 1 Lotus Quickr 2026-04-23 N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors.
CVE-2008-6414 1 Aj Square 1 Aj Auction 2026-04-23 N/A
SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
CVE-2008-4507 1 Ibm 1 Lotus Quickr 2026-04-23 N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors.
CVE-2008-6468 1 Dieselscripts 1 Diesel Pay 2026-04-23 N/A
SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action.
CVE-2008-6469 1 Plaincart 1 Plaincart 2026-04-23 N/A
SQL injection vulnerability in index.php in PlainCart 1.1.2 allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2008-7014 1 Fhttpd 1 Fhttpd 2026-04-23 N/A
fhttpd 0.4.2 allows remote attackers to cause a denial of service (crash) via an Authorization HTTP header with an invalid character after the Basic value.
CVE-2008-7019 1 Esqlanelapse 1 Esqlanelapse 2026-04-23 N/A
Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass authentication and gain privileges via modified (1) enombre and (2) euri cookies.
CVE-2008-7021 1 Availscript 1 Jobs Portal Script 2026-04-23 N/A
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory.
CVE-2008-6403 1 Openrat 1 Openrat 2026-04-23 N/A
PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8-beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpl_dir parameter.
CVE-2008-3875 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls.
CVE-2008-2705 1 Sun 1 Java System Access Manager 2026-04-23 N/A
Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote attackers to bypass authentication via unspecified vectors.
CVE-2008-6401 1 Jetik 1 Jetik-web 2026-04-23 N/A
SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter.
CVE-2008-4881 1 Yourfreeworld 1 Reminder Service Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Reminder Service Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2696 1 Exiv2 1 Exiv2 2026-04-23 N/A
Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.
CVE-2008-6042 1 Netartmedia 1 Real Estate Portal 2026-04-23 N/A
SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php.
CVE-2008-2684 1 Blackice 1 Black Ice Barcode Sdk 2026-04-23 N/A
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from third party information.
CVE-2008-6031 1 Wsn Links 1 Wsn Links 2026-04-23 N/A
SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable.
CVE-2008-6030 1 Netartmedia 1 Jobs Portal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php.
CVE-2008-4872 1 Itechscripts 1 Itechbids 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in bidhistory.php in iTechBids Gold 5.0 allows remote attackers to inject arbitrary web script or HTML via the item_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.