Export limit exceeded: 363759 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363759 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4716 1 Scriptdemo 1 Php-lance 2026-04-23 N/A
SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-4713 1 212cafe 1 212cafeboard 2026-04-23 N/A
SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter.
CVE-2008-4715 1 Jpad Project 1 Jpad 2026-04-23 N/A
SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.
CVE-2008-4743 1 Quidascript 1 Faq Management Script 2026-04-23 N/A
SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-4744 1 Dxproscripts 1 Dxshopcart 2026-04-23 N/A
SQL injection vulnerability in product_detail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVE-2008-4751 1 Epistream 1 Ipei Guestbook 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the pg parameter, a different vector than CVE-2005-4597.
CVE-2008-4753 1 Aj Square Inc 1 Rss Reader 2026-04-23 N/A
SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader allows remote attackers to execute arbitrary SQL commands via the url parameter.
CVE-2008-4754 1 Scripts-for-sites 1 Ez Forum 2026-04-23 N/A
SQL injection vulnerability in forum.php in Scripts for Sites (SFS) Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.
CVE-2008-4763 1 Wikidsystems 1 Wclient-php 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in sample.php in WiKID wClient-PHP 3.0-2 and earlier allow remote attackers to inject arbitrary web script or HTML via the PHP_SELF variable.
CVE-2007-6609 1 Coolplayer 1 Coolplayer 2026-04-23 N/A
Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function in CPI_PlaylistItem.c in CoolPlayer 217 and earlier allow user-assisted remote attackers to execute arbitrary code via a long (1) cTag or (2) cValue field in an OGG Vorbis file.
CVE-2008-4779 1 Tguzip 1 Tguzip 2026-04-23 N/A
Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to denial of service (crash) or execute arbitrary code via a long filename in a .zip file.
CVE-2008-4790 1 Drupal 1 Drupal 2026-04-23 N/A
The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.
CVE-2008-4791 1 Drupal 1 Drupal 2026-04-23 N/A
The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.
CVE-2008-4793 1 Drupal 1 Drupal 2026-04-23 N/A
The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules.
CVE-2008-4811 1 Smarty 1 Smarty 2026-04-23 N/A
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ (backslash) before a dollar-sign character.
CVE-2008-4224 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.
CVE-2008-4223 1 Apple 1 Mac Os X Server 2026-04-23 N/A
Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors.
CVE-2008-3890 2 Amd, Freebsd 2 Amd64, Freebsd 2026-04-23 N/A
The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call.
CVE-2008-3900 1 Intel 1 Bios 2026-04-23 N/A
Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
CVE-2008-3907 1 Newsbeuter 1 Newsbeuter 2026-04-23 N/A
The open-in-browser command in newsbeuter before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a feed URL.