Export limit exceeded: 346580 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346580 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6359 | 1 Phpf1 | 1 Max\'s Guestbook | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Max's Guestbook allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, and (3) message parameters. | ||||
| CVE-2008-6361 | 1 Insun Podcast | 1 Feedcms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 19Beta allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter. | ||||
| CVE-2008-6362 | 1 Ezonelink | 1 Multiple Membership Script | 2026-04-23 | N/A |
| SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6363 | 1 Capilano | 1 Designworks | 2026-04-23 | N/A |
| Stack-based buffer overflow in DesignWorks Professional 4.3.1 and 5.0.7 allows remote attackers to execute arbitrary code via a crafted .cct file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6364 | 1 Adserversolutions | 1 Banner Exchange Software | 2026-04-23 | N/A |
| SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Java allows remote attackers to execute arbitrary SQL commands via the (1) username (uname parameter) and (2) password (pass parameter). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6366 | 1 Adserversolutions | 1 Affiliate Software Java | 2026-04-23 | N/A |
| SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6369 | 1 Ocean12tech | 1 Contact Manager Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter. | ||||
| CVE-2008-6378 | 1 Mxmania | 1 Calendar Mx Professional | 2026-04-23 | N/A |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-6379 | 1 Mxmania | 1 Gallery Mx | 2026-04-23 | N/A |
| SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-6380 | 1 Activewebsoftwares | 1 Active Web Helpdesk | 2026-04-23 | N/A |
| SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. | ||||
| CVE-2008-6381 | 1 Bcoos | 1 Bcoos | 2026-04-23 | N/A |
| SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-6382 | 1 Aspportal | 1 Aspportal | 2026-04-23 | N/A |
| ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb. | ||||
| CVE-2008-6387 | 1 Activewebsoftwares | 1 Quick Tree View .net | 2026-04-23 | N/A |
| Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb. | ||||
| CVE-2008-6388 | 1 4u2ges | 1 Rapid Classified | 2026-04-23 | N/A |
| Rapid Classified 3.1 and 3.15 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to cldb.mdb. | ||||
| CVE-2008-6389 | 1 Aliensoftcorp | 1 Rae Media Contact Management | 2026-04-23 | N/A |
| SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0859 | 1 Linux | 1 Linux Kernel | 2026-04-23 | N/A |
| The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. | ||||
| CVE-2008-6396 | 1 Celerondude | 1 Uploader | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in account.php in Celerondude Uploader 6.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6397 | 1 Alcovebook | 1 Sgml2x | 2026-04-23 | N/A |
| rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2008-6398 | 1 Eric Raymond | 1 Sng | 2026-04-23 | N/A |
| sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/recompiled$$.png, (2) /tmp/decompiled$$.sng, and (3) /tmp/canonicalized$$.sng temporary files. | ||||
| CVE-2008-6400 | 1 Refbase | 1 Refbase | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to (1) show.php and (2) search.php. NOTE: some of these details are obtained from third party information. | ||||