Export limit exceeded: 364070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364070 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4486 1 Yerba 1 Yerba 2026-04-23 N/A
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
CVE-2008-4794 1 Opera 1 Opera 2026-04-23 N/A
Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696.
CVE-2008-4495 1 Select Development Solutions 1 Php Auto Dealer 2026-04-23 N/A
SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter.
CVE-2008-4517 1 Geccbblite 1 Geccbblite 2026-04-23 N/A
SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4520 1 Autonessus 1 Autonessus 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNessus before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the remark parameter.
CVE-2008-4522 1 Jesse-web 1 Jmweb Mp3 Music Audio Search And Download Script 2026-04-23 N/A
Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.
CVE-2008-4523 1 Ip Reg 1 Ip Reg 2026-04-23 N/A
SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
CVE-2008-4530 1 Drupal 1 Brilliant Gallery 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote authenticated users with permissions to inject arbitrary web script or HTML via unspecified vectors related to posting of answers.
CVE-2008-4552 2 Nfs, Redhat 2 Nfs-utils, Enterprise Linux 2026-04-23 N/A
The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
CVE-2008-4560 1 Hp 1 Openview Network Node Manager 2026-04-23 N/A
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205.
CVE-2008-4571 1 Plone 1 Plone 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the LiveSearch module in Plone before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the Description field for search results, as demonstrated using the onerror Javascript even in an IMG tag.
CVE-2008-4579 2 Gentoo, Redhat 4 Cman, Fence, Enterprise Linux and 1 more 2026-04-23 N/A
The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.
CVE-2008-4580 1 Gentoo 2 Cman, Fence 2026-04-23 N/A
fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.
CVE-2008-4592 1 Sportspanel 1 Sports Clubs Web Portal 2026-04-23 N/A
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
CVE-2008-4599 1 Mosaic Commerce 1 Mosaic Commerce 2026-04-23 N/A
SQL injection vulnerability in category.php in Mosaic Commerce allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-4615 1 Portalapp 1 Portalapp 2026-04-23 N/A
Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.
CVE-2008-4627 2 Rgallery, Woltlab 2 Rgallery Plugin, Woltlab Burning Board 2026-04-23 N/A
SQL injection vulnerability in the rGallery plugin 1.09 for WoltLab Burning Board (WBB) allows remote attackers to execute arbitrary SQL commands via the itemID parameter in the RGalleryImageWrapper page in index.php.
CVE-2008-4628 1 Mywebland 1 Minibloggie 2026-04-23 N/A
SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter.
CVE-2008-4629 1 Usagi 1 Mynets 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-4630 1 Midgard 1 Midgard Components Framework 2026-04-23 N/A
Multiple unspecified vulnerabilities in Midgard Components (MidCOM) Framework before 8.09.1 have unknown impact and attack vectors.