Export limit exceeded: 346547 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346547 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6209 | 1 Vastal | 1 Software Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-6218 | 1 Libpng | 1 Libpng | 2026-04-23 | N/A |
| Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file. | ||||
| CVE-2008-6219 | 1 Emc | 5 Networker Client, Networker Module, Networker Powersnap and 2 more | 2026-04-23 | N/A |
| nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests. | ||||
| CVE-2008-6221 | 2 Dadamailproject, Joomla | 2 Dada Mail Manager, Joomla | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter. | ||||
| CVE-2008-6222 | 2 Joomla, Joomlashowroom | 2 Joomla, Pro Desk Support Center | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php. | ||||
| CVE-2008-6223 | 1 Wotw | 1 Way Of The Warrior | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the plancia parameter to crea.php. | ||||
| CVE-2007-5147 | 1 Puzzle Apps Cms | 1 Puzzle Apps Cms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the MODULEDIR parameter to (1) core/modules/my/my.module.php or (2) core/modules/xml/xml.module.php; the COREROOT parameter to (3) config.loader.php, (4) platform.loader.php, (5) core.loader.php, (6) person.loader.php, or (7) module.loader.php in core/ or (8) install/steps/step_3.php; or the THISDIR parameter to (9) people.lib.php, (10) general.lib.php, (11) content.lib.php, or (12) templates.lib.php in core/modules/admin/libs/ or (13) core/modules/webstat/MEC/index.php. | ||||
| CVE-2008-6226 | 1 Preproject | 1 Php Auto Listings Script | 2026-04-23 | N/A |
| SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto Listings Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the itemno parameter. | ||||
| CVE-2008-6227 | 1 Preproject | 1 Pre Multi-vendor Shopping Malls | 2026-04-23 | N/A |
| SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters. | ||||
| CVE-2008-6229 | 1 Drupal | 1 Content Construction Kit | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content Construction Kit (CCK) 5.x before 5.x-1.10 and 6.x before 6.x-2.0, a module for Drupal, allows remote authenticated users with "administer content" permissions to inject arbitrary web script or HTML via (1) field labels and (2) content-type names. | ||||
| CVE-2008-6234 | 2 Joomla, Mambo-foundation | 4 Com Musica, Joomla, Com Musica and 1 more | 2026-04-23 | N/A |
| SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2009-0768 | 1 Yapbb | 1 Yapbb | 2026-04-23 | N/A |
| SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the forumID parameter in a next action. | ||||
| CVE-2008-3937 | 1 Opendb | 1 Opendb | 2026-04-23 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an edit action to user_admin.php, the (2) title parameter to listings.php, and the (3) redirect_url parameter to user_profile.php. | ||||
| CVE-2008-6235 | 2 Redhat, Vim | 2 Enterprise Linux, Vim | 2026-04-23 | N/A |
| The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases. | ||||
| CVE-2008-3942 | 1 Ozsari | 1 Full Php Emlak Script | 2026-04-23 | N/A |
| SQL injection vulnerability in landsee.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6236 | 1 Cafuego | 1 Simple Document Management System | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6243 | 1 Scripts For Sites | 1 Ez Hotscripts-likesite | 2026-04-23 | N/A |
| SQL injection vulnerability in showcategory.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-6244 | 1 Scripts-for-sites | 1 Ez Gaming Cheats | 2026-04-23 | N/A |
| SQL injection vulnerability in view_reviews.php in Scripts for Sites (SFS) EZ Gaming Cheats allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6245 | 1 Scripts-for-sites | 1 Ez Biz Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ BIZ PRO allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6247 | 1 Scripts-for-sites | 1 Ez Top Sites | 2026-04-23 | N/A |
| SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) EZ Top Sites allows remote attackers to execute arbitrary SQL commands via the ts parameter. | ||||