CVE-2008-1xxx

There are 984 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2008-1000 Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (a...
S
CVE-2008-1001 Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1, when running on Windows XP or V...
S
CVE-2008-1002 Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1 allows remote attackers to injec...
S
CVE-2008-1003 Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remo...
S
CVE-2008-1004 Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remo...
S
CVE-2008-1005 WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse ...
CVE-2008-1006 Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remo...
S
CVE-2008-1007 WebCore, as used in Apple Safari before 3.1, does not enforce the frame navigation policy for Java a...
CVE-2008-1008 Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remo...
S
CVE-2008-1009 Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remo...
S
CVE-2008-1010 Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows remote attackers to execute ar...
S
CVE-2008-1011 Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple Safari before 3.1, allows remot...
S
CVE-2008-1012 Unspecified vulnerability in Apple AirPort Extreme Base Station Firmware 7.3.1 allows remote attacke...
CVE-2008-1013 Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, wh...
S
CVE-2008-1014 Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote a...
S
CVE-2008-1015 Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote at...
S
CVE-2008-1016 Apple QuickTime before 7.4.5 does not properly handle movie media tracks, which allows remote attack...
S
CVE-2008-1017 Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple Qui...
S
CVE-2008-1018 Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitr...
S
CVE-2008-1019 Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers ...
S
CVE-2008-1020 Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote...
S
CVE-2008-1021 Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Wi...
S
CVE-2008-1022 Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbit...
S
CVE-2008-1023 Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows ...
S
CVE-2008-1024 Apple Safari before 3.1.1, when running on Windows XP or Vista, allows remote attackers to cause a d...
CVE-2008-1025 Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in Safari before 3.1.1, allows rem...
CVE-2008-1026 Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in A...
S
CVE-2008-1027 Apple Filing Protocol (AFP) Server in Apple Mac OS X before 10.5.3 does not verify that requested fi...
CVE-2008-1028 Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 allows user-assisted remote attack...
CVE-2008-1030 Integer overflow in the CFDataReplaceBytes function in the CFData API in CoreFoundation in Apple Mac...
CVE-2008-1031 CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or ca...
CVE-2008-1032 Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.3 allows user-assisted...
S
CVE-2008-1033 The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a prin...
CVE-2008-1034 Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute ar...
CVE-2008-1035 Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-...
E
CVE-2008-1036 The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Ente...
S
CVE-2008-1037 Cross-site scripting (XSS) vulnerability in the file listing function in the web management interfac...
E
CVE-2008-1038 PHP remote file inclusion vulnerability in mod/mod.extmanager.php in DBHcms 1.1.4 and earlier allows...
E
CVE-2008-1039 SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arb...
E
CVE-2008-1040 Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 throug...
CVE-2008-1041 Cross-site scripting (XSS) vulnerability in mwhois.php in Matt Wilson Matt's Whois (MWhois) allows r...
E
CVE-2008-1042 Directory traversal vulnerability in include/body.inc.php in Linux Web Shop (LWS) php Download Manag...
E
CVE-2008-1043 PHP remote file inclusion vulnerability in templates/default/header.inc.php in Linux Web Shop (LWS) ...
E
CVE-2008-1044 Stack-based buffer overflow in the Quantum Streaming Player (Quantum Streaming IE Player) ActiveX co...
E
CVE-2008-1045 Cross-site scripting (XSS) vulnerability in the file tree navigation function in system/workplace/vi...
E
CVE-2008-1046 PHP remote file inclusion vulnerability in footer.php in Quinsonnas Mail Checker 1.55 allows remote ...
E
CVE-2008-1047 Cross-site scripting (XSS) vulnerability in tiki-edit_article.php in TikiWiki before 1.9.10.1 allows...
S
CVE-2008-1048 Cross-site scripting (XSS) vulnerability in manager/xmedia.php in Plume CMS 1.2.2 allows remote atta...
E
CVE-2008-1049 Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Pa...
S
CVE-2008-1050 SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attacker...
E
CVE-2008-1051 PHP remote file inclusion vulnerability in include/body_comm.inc.php in phpProfiles 4.5.2 BETA allow...
E
CVE-2008-1052 The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cau...
CVE-2008-1053 Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote attacke...
E
CVE-2008-1054 Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgema...
E
CVE-2008-1055 Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and We...
E
CVE-2008-1056 Multiple stack-based buffer overflows in Symark PowerBroker 2.8 through 5.0.1 allow local users to g...
E S
CVE-2008-1057 The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a den...
S
CVE-2008-1058 The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a de...
S
CVE-2008-1059 PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1....
E
CVE-2008-1060 Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordP...
E
CVE-2008-1061 Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets 1.1.2 and 1.2.2 plugin for WordP...
E
CVE-2008-1062 InterVideo IMC Server (aka IMCSvr.exe) and InterVideo Home Theater (aka IHT.exe) in InterVideo WinDV...
CVE-2008-1063 Cross-site scripting (XSS) vulnerability index.php in the XM-Memberstats (xmmemberstats) module for ...
E
CVE-2008-1064 Cross-site scripting (XSS) vulnerability in images.php in the Red Mexico RMSOFT Gallery System (GS) ...
E
CVE-2008-1065 Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e modul...
E
CVE-2008-1066 The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and othe...
CVE-2008-1067 Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 allow remote attackers to exe...
E
CVE-2008-1068 Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remo...
E
CVE-2008-1069 Multiple PHP remote file inclusion vulnerabilities in Quantum Game Library 0.7.2c allow remote attac...
E
CVE-2008-1070 The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to...
CVE-2008-1071 The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to...
CVE-2008-1072 The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.1...
CVE-2008-1073 Cross-site scripting (XSS) vulnerability in the report interface in Internet Security Systems (ISS) ...
CVE-2008-1074 PHP remote file inclusion vulnerability in lib/head_auth.php in GROUP-E 1.6.41 allows remote attacke...
E
CVE-2008-1075 Cross-site scripting (XSS) vulnerability in index.php in Maian Cart 1.1 allows remote attackers to i...
CVE-2008-1076 Cross-site scripting (XSS) vulnerability in search.php in Interspire Shopping Cart 1.x allows remote...
CVE-2008-1077 SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component...
E
CVE-2008-1078 expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows lo...
E
CVE-2008-1079 The outboxWriteUnsent function in FTPThread.class in SendFile.jar for Beehive Software SendFile.NET ...
CVE-2008-1080 Opera before 9.26 allows user-assisted remote attackers to read arbitrary files by tricking a user i...
S
CVE-2008-1081 Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that ...
S
CVE-2008-1082 Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site sc...
S
CVE-2008-1083 Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 ...
E S
CVE-2008-1084 Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and S...
E S
CVE-2008-1085 Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows re...
S
CVE-2008-1086 The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1,...
S
CVE-2008-1087 Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, V...
E S
CVE-2008-1088 Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allows user-assisted remote attacke...
S
CVE-2008-1089 Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows u...
S
CVE-2008-1090 Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows u...
S
CVE-2008-1091 Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Of...
CVE-2008-1092 Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote atta...
CVE-2008-1093 Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtaine...
CVE-2008-1094 SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) b...
E
CVE-2008-1095 Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 a...
S
CVE-2008-1096 The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsM...
E
CVE-2008-1097 Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) Imag...
E
CVE-2008-1098 Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attac...
E
CVE-2008-1099 _macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which al...
CVE-2008-1100 Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 ...
CVE-2008-1101 Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) ...
CVE-2008-1102 Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote ...
CVE-2008-1103 Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "...
CVE-2008-1104 Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attack...
CVE-2008-1105 Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0...
E S
CVE-2008-1106 The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attac...
S
CVE-2008-1107 Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control (Dansk...
CVE-2008-1108 Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote attac...
CVE-2008-1109 Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbi...
CVE-2008-1110 Buffer overflow in demuxers/demux_asf.c (aka the ASF demuxer) in the xineplug_dmx_asf.so plugin in x...
E S
CVE-2008-1111 mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork f...
CVE-2008-1112 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0928. Reason: This candida...
R
CVE-2008-1113 Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP)...
CVE-2008-1114 Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PE...
CVE-2008-1115 Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial ...
S
CVE-2008-1116 Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antiviru...
E S
CVE-2008-1117 Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2f...
E
CVE-2008-1118 Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation bef...
E
CVE-2008-1119 Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allow...
E S
CVE-2008-1120 Format string vulnerability in the embedded Internet Explorer component for Mirabilis ICQ 6 build 60...
CVE-2008-1121 SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier allows remote attackers to ex...
E
CVE-2008-1122 SQL injection vulnerability in the downloads module in Koobi Pro 5.7 allows remote attackers to exec...
E
CVE-2008-1123 Multiple PHP remote file inclusion vulnerabilities in SiteBuilder Elite 1.2 allow remote attackers t...
E
CVE-2008-1124 Multiple PHP remote file inclusion vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow...
E
CVE-2008-1125 Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remot...
E
CVE-2008-1126 PHP remote file inclusion vulnerability in main.php in Barryvan Compo Manager 0.3 allows remote atta...
E
CVE-2008-1127 Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticate...
E
CVE-2008-1128 PHP remote file inclusion vulnerability in tourney/index.php in phpMyTourney 2 allows remote attacke...
E
CVE-2008-1129 Cross-site scripting (XSS) vulnerability in admin/users/self.php in XRMS CRM allows remote attackers...
CVE-2008-1130 Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and 5.3 before Fix Pack 14 allows...
CVE-2008-1131 Cross-site scripting (XSS) vulnerability in Drupal 6.0 allows remote authenticated users to inject a...
S
CVE-2008-1132 Untrusted search path vulnerability in src/mainwindow.c in Net Activity Viewer 0.2.1 allows local us...
S
CVE-2008-1133 The Drupal.checkPlain function in Drupal 6.0 only escapes the first instance of a character in ECMAS...
S
CVE-2008-1134 OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports authentication with a cookie that l...
CVE-2008-1135 OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates different responses depending on w...
E
CVE-2008-1136 The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) a...
E
CVE-2008-1137 SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component fo...
E
CVE-2008-1138 DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (...
E S
CVE-2008-1139 DESlock+ 3.2.6 and earlier, when DLMFENC.sys 1.0.0.26 and DLMFDISK.sys 1.2.0.27 are present, allows ...
E S
CVE-2008-1140 DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain privileges via a cert...
E
CVE-2008-1141 Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a deni...
E S
CVE-2008-1142 rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might...
S
CVE-2008-1144 The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W...
CVE-2008-1145 Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 t...
E S
CVE-2008-1146 A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "...
CVE-2008-1147 A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "...
CVE-2008-1148 A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Alg...
CVE-2008-1149 phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, w...
S
CVE-2008-1150 The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attacker...
S
CVE-2008-1151 Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows ...
CVE-2008-1152 The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to c...
S
CVE-2008-1153 Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows r...
E S
CVE-2008-1154 The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, includ...
S
CVE-2008-1155 Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and...
S
CVE-2008-1156 Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IO...
S
CVE-2008-1157 Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a process that executes a comman...
S
CVE-2008-1158 The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to ...
CVE-2008-1159 Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to c...
S
CVE-2008-1160 ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed w...
E
CVE-2008-1161 Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10.1 allo...
CVE-2008-1162 SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote ...
E
CVE-2008-1163 SQL injection vulnerability in index.php in phpArcadeScript 1.0 through 3.0 RC2 allows remote attack...
E
CVE-2008-1164 SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitra...
E
CVE-2008-1165 Multiple cross-site scripting (XSS) vulnerabilities in Flyspray 0.9.9 through 0.9.9.4 allow remote a...
CVE-2008-1166 Flyspray 0.9.9.4 generates different error messages depending on whether the username is valid or in...
CVE-2008-1167 Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Genera...
CVE-2008-1168 Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows re...
CVE-2008-1169 Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and ear...
CVE-2008-1170 Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow remote attackers to execute a...
CVE-2008-1171 Multiple PHP remote file inclusion vulnerabilities in the 123 Flash Chat Module for phpBB allow remo...
CVE-2008-1172 Cross-site request forgery (CSRF) vulnerabilities in account-inbox.php in TorrentTrader Classic 1.08...
CVE-2008-1173 Cross-site scripting (XSS) vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows r...
CVE-2008-1174 Cross-site scripting (XSS) vulnerability in editUser.asp in AuthentiX 6.3b1 Trial allows remote atta...
CVE-2008-1175 Cross-site scripting (XSS) vulnerability in AuthentiX 6.3b1 Trial allows remote attackers to inject ...
CVE-2008-1176 Cross-site scripting (XSS) vulnerability in function/sideblock.php in Affiliate Market (affmarket) 0...
E
CVE-2008-1177 SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remot...
E
CVE-2008-1178 Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and earlier allows re...
CVE-2008-1179 Multiple cross-site scripting (XSS) vulnerabilities in include/common/javascript/color_picker.php in...
CVE-2008-1180 Cross-site scripting (XSS) vulnerability in dana-na/auth/rdremediate.cgi in Juniper Networks Secure ...
E
CVE-2008-1181 Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote attackers to obtain sensitive...
CVE-2008-1182 Cross-site scripting (XSS) vulnerability in BSD Perimeter pfSense before 1.2 allows remote attackers...
CVE-2008-1183 Multiple cross-site scripting (XSS) vulnerabilities in Crafty Syntax Live Help (CSLH) before 2.14.6 ...
S
CVE-2008-1184 The DNSSEC validation library (libval) library in dnssec-tools before 1.3.1 does not properly check ...
S
CVE-2008-1185 Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Up...
S
CVE-2008-1186 Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 ...
S
CVE-2008-1187 Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 ...
S
CVE-2008-1188 Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Upd...
S
CVE-2008-1189 Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earli...
S
CVE-2008-1190 Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14...
CVE-2008-1191 Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote ...
S
CVE-2008-1192 Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Up...
S
CVE-2008-1193 Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Upd...
S
CVE-2008-1194 Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 a...
S
CVE-2008-1195 Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5...
CVE-2008-1196 Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier...
S
CVE-2008-1197 The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W...
CVE-2008-1198 The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggre...
E
CVE-2008-1199 Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks ...
S
CVE-2008-1200 Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbit...
CVE-2008-1201 Multiple unspecified vulnerabilities in FLA file parsing in Adobe Flash CS3 Professional, Flash Prof...
CVE-2008-1202 Cross-site scripting (XSS) vulnerability in the web management interface in Adobe LiveCycle Workflow...
CVE-2008-1203 The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 does not log failed authentica...
S
CVE-2008-1204 Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System...
S
CVE-2008-1205 Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daem...
S
CVE-2008-1206 Format string vulnerability in the log_message function in lks.c in Linux Kiss Server 1.2, when back...
E
CVE-2008-1207 Multiple unspecified vulnerabilities in Fujitsu Interstage Smart Repository, as used in multiple Fuj...
S
CVE-2008-1208 Cross-site scripting (XSS) vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded ...
CVE-2008-1209 Cross-site scripting (XSS) vulnerability in redirect.do in Xitex WebContent M1 allows remote attacke...
CVE-2008-1210 Stack-based buffer overflow in the ctags parsing code in Programmer's Notepad before 2.0.8.718 allow...
CVE-2008-1211 Cross-site scripting (XSS) vulnerability in BosDates 3.x and 4.x allows remote attackers to inject a...
CVE-2008-1212 Cross-site scripting (XSS) vulnerability in set_permissions.php in Podcast Generator 0.96.2 allows r...
CVE-2008-1213 Cross-site scripting (XSS) vulnerability in Numara FootPrints for Linux 8.1 allows remote attackers ...
CVE-2008-1214 MRcgi/MRProcessIncomingForms.pl in Numara FootPrints 8.1 on Linux allows remote attackers to execute...
CVE-2008-1215 Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-p...
E
CVE-2008-1216 IBM Lotus Quickr 8.0 server, and possibly QuickPlace 7.x, does not properly identify URIs containing...
CVE-2008-1217 Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CC...
CVE-2008-1218 Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when usin...
E
CVE-2008-1219 SQL injection vulnerability in the Kutub-i Sitte (KutubiSitte) 1.1 module for PHP-Nuke allows remote...
E
CVE-2008-1220 SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote attackers to execut...
E
CVE-2008-1221 Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.74...
E
CVE-2008-1222 Cross-site scripting (XSS) vulnerability in Dokeos 1.8.4 before SP3 allows remote attackers to injec...
S
CVE-2008-1223 Unspecified vulnerability in Dokeos 1.8.4 before SP3 allows attackers to execute arbitrary code via ...
S
CVE-2008-1224 Cross-site scripting (XSS) vulnerability in account.php in BosClassifieds Classified Ads System 3.0 ...
CVE-2008-1225 Multiple cross-site scripting (XSS) vulnerabilities in WebCT Campus Edition 4.1.5.8, when "Don't wra...
E
CVE-2008-1226 Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration Suite (ZCS) 4.0.3, 4.5.6...
S
CVE-2008-1227 Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure In...
S
CVE-2008-1228 Cross-site scripting (XSS) vulnerability in admin.php in MG2 (formerly Minigal) allows remote attack...
E
CVE-2008-1229 Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote at...
E
CVE-2008-1230 Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to upl...
E
CVE-2008-1231 Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers...
E
CVE-2008-1232 Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26...
E S
CVE-2008-1233 Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMo...
CVE-2008-1234 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0....
CVE-2008-1235 Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMo...
S
CVE-2008-1236 Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13...
CVE-2008-1237 Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13...
CVE-2008-1238 Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header,...
E
CVE-2008-1239 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2008-1240 LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse th...
CVE-2008-1241 GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remot...
CVE-2008-1242 The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 maintains authentication stat...
CVE-2008-1243 Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when M...
E
CVE-2008-1244 cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authenti...
E
CVE-2008-1245 cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote a...
E
CVE-2008-1246 The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by ente...
CVE-2008-1247 The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials whe...
E
CVE-2008-1248 The web interface on the central phone server for the Snom 320 SIP Phone allows remote attackers to ...
E
CVE-2008-1249 snomControl.swf in the central phone server for the Snom 320 SIP Phone allows remote attackers to ca...
CVE-2008-1250 Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the central phone...
CVE-2008-1251 Cross-site scripting (XSS) vulnerability in the web interface on the central phone server for the Sn...
CVE-2008-1252 b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote at...
E
CVE-2008-1253 Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remo...
E
CVE-2008-1254 Multiple cross-site request forgery (CSRF) vulnerabilities on the ZyXEL P-660HW series router allow ...
E
CVE-2008-1255 The ZyXEL P-660HW series router maintains authentication state by IP address, which allows remote at...
CVE-2008-1256 The ZyXEL P-660HW series router has "admin" as its default password, which allows remote attackers t...
CVE-2008-1257 Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ZyXEL P-660HW series router a...
CVE-2008-1258 Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attac...
E
CVE-2008-1259 The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware maintains authentication state by IP address...
E
CVE-2008-1260 Multiple cross-site request forgery (CSRF) vulnerabilities on the Zyxel P-2602HW-D1A router with 3.4...
CVE-2008-1261 The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware provides different responses to admin page r...
CVE-2008-1262 The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not veri...
E
CVE-2008-1263 The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might...
E
CVE-2008-1264 The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to ...
CVE-2008-1265 The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via ...
CVE-2008-1266 Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to...
CVE-2008-1267 The Siemens SpeedStream 6520 router allows remote attackers to cause a denial of service (web interf...
E
CVE-2008-1268 The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication cr...
CVE-2008-1269 cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2 Plus Wi-Fi router does not verify auth...
E
CVE-2008-1270 mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, w...
E
CVE-2008-1271 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1218. Reason: This candida...
R
CVE-2008-1272 Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and earlier allow remote attackers...
E
CVE-2008-1273 Multiple cross-site scripting (XSS) vulnerabilities in imageVue 1.7 allow remote attackers to inject...
E
CVE-2008-1274 Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary ...
CVE-2008-1275 Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Profess...
E S
CVE-2008-1276 Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and E...
E
CVE-2008-1277 The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and ea...
E
CVE-2008-1278 The RemotelyAnywhere.exe service in the Remotely Anywhere Server and Workstation 8.0.668 and earlier...
E
CVE-2008-1279 Acronis True Image Group Server 1.5.19.191 and earlier, included in Acronis True Image Enterprise Se...
CVE-2008-1280 Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Ser...
CVE-2008-1281 Directory traversal vulnerability in TFTPsrvs.exe 2.5.3.1 and earlier, as used in Argon Technology C...
E
CVE-2008-1282 Buffer overflow in the BFup ActiveX control (BFup.dll) in B21Soft BFup before 1.0.802.29 allows remo...
E
CVE-2008-1283 Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 allows remote attackers to inject...
E
CVE-2008-1284 Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edit...
S
CVE-2008-1285 Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF) 1.2 before 1.2_08 allows rem...
S
CVE-2008-1286 Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to...
S
CVE-2008-1287 IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether ...
S
CVE-2008-1288 IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might allow local or remote attackers to obtain sensitiv...
S
CVE-2008-1289 Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source ...
E
CVE-2008-1290 ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion...
S
CVE-2008-1291 ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control...
S
CVE-2008-1292 ViewVC before 1.0.5 provides revision metadata without properly checking whether access was intended...
S
CVE-2008-1293 ldm in Linux Terminal Server Project (LTSP) 0.99 and 2 passes the -ac option to the X server on each...
CVE-2008-1294 Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RL...
CVE-2008-1295 SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter ...
E
CVE-2008-1296 Multiple cross-site scripting (XSS) vulnerabilities in EncapsGallery 1.11.2 allow remote attackers t...
CVE-2008-1297 SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and J...
E
CVE-2008-1298 SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitra...
E
CVE-2008-1299 Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0...
CVE-2008-1300 Cross-site scripting (XSS) vulnerability in the Logfile Viewer Settings function in system/workplace...
E
CVE-2008-1301 Absolute path traversal vulnerability in system/workplace/admin/workplace/logfileview/logfileViewSet...
E
CVE-2008-1302 The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers ...
CVE-2008-1303 The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers ...
E
CVE-2008-1304 Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.3.2 allow remote attackers to inj...
CVE-2008-1305 SQL injection vulnerability in filebase.php in the Filebase mod for phpBB allows remote attackers to...
E
CVE-2008-1306 Multiple cross-site scripting (XSS) vulnerabilities in Savvy Content Manager (CM) allow remote attac...
CVE-2008-1307 Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing Kin...
E
CVE-2008-1308 SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote ...
E
CVE-2008-1309 The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise...
E
CVE-2008-1310 Directory traversal vulnerability in the TFTP server in PacketTrap Networks pt360 Tool Suite 1.1.33....
CVE-2008-1311 The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earlier allows remote attackers to...
E
CVE-2008-1312 Unspecified vulnerability in the TFTP server in PacketTrap Networks pt360 Tool Suite 1.1.33.1.0, and...
CVE-2008-1313 Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers ...
E
CVE-2008-1314 SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote at...
E
CVE-2008-1315 SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execu...
E
CVE-2008-1316 SQL injection vulnerability in qtf_ind_search_ov.php in QT-cute QuickTalk Forum 1.6 and earlier allo...
E
CVE-2008-1317 Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun So...
S
CVE-2008-1318 Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitiv...
S
CVE-2008-1319 Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object...
E
CVE-2008-1320 Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to ...
E
CVE-2008-1321 The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does not require authentication, wh...
E
CVE-2008-1322 The File Check Utility (fcheck.exe) in ASG-Sentry Network Manager 7.0.0 and earlier allows remote at...
E
CVE-2008-1323 Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board Lite (wBB) 2 B...
E
CVE-2008-1324 Multiple directory traversal vulnerabilities in index.php in Travelsized CMS 0.4.1 allow remote atta...
E
CVE-2008-1325 Multiple directory traversal vulnerabilities in index.php in Uberghey CMS 0.3.1 allow remote attacke...
E
CVE-2008-1326 Cross-site scripting (XSS) vulnerability in search.php in Gallarific allows remote attackers to inje...
E
CVE-2008-1327 Gallarific does not require authentication for (1) users.php and (2) index.php, which allows remote ...
E
CVE-2008-1328 Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through...
S
CVE-2008-1329 Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r1...
CVE-2008-1330 Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5 before ...
S
CVE-2008-1331 cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, O...
E
CVE-2008-1332 Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4...
S
CVE-2008-1333 Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote atta...
S
CVE-2008-1334 cgi/b on the BT Home Hub router allows remote attackers to bypass authentication, and read or modify...
E
CVE-2008-1335 The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 200710...
CVE-2008-1336 SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows remote attackers to execute arbi...
E
CVE-2008-1337 The instant message service in Timbuktu Pro 8.6.5 RC 229 and earlier for Windows allows remote attac...
E
CVE-2008-1338 The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers ...
E
CVE-2008-1340 Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Play...
S
CVE-2008-1341 SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote a...
CVE-2008-1342 Multiple cross-site scripting (XSS) vulnerabilities in the search feature in Polymita BPM-Suite and ...
CVE-2008-1343 Directory traversal vulnerability in (1) pkgadd and (2) pkgrm in SCO UnixWare 7.1.4 allows local use...
S
CVE-2008-1344 Multiple SQL injection vulnerabilities in MyioSoft EasyCalendar 4.0tr and earlier allow remote attac...
E
CVE-2008-1345 Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_backend.php in MyioSoft EasyCa...
E
CVE-2008-1346 SQL injection vulnerability in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and e...
E
CVE-2008-1347 Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easygallery/index.php in MyioSoft...
E
CVE-2008-1348 Cross-site scripting (XSS) vulnerability in index.php in the eWebsite eWeather (Weather) module for ...
E
CVE-2008-1349 SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module f...
E
CVE-2008-1350 SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers ...
E
CVE-2008-1351 SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execut...
E
CVE-2008-1352 Directory traversal vulnerability in search.php in EdiorCMS (ecms) 3.0 allows remote attackers to re...
CVE-2008-1353 zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connecti...
CVE-2008-1354 SQL injection vulnerability in MyIssuesView.asp in Advanced Data Solutions Virtual Support Office-XP...
E
CVE-2008-1355 Cross-site scripting (XSS) vulnerability in index.php in Jeebles Technology Jeebles Directory 2.9.60...
E
CVE-2008-1356 Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using th...
S
CVE-2008-1357 Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agen...
E
CVE-2008-1358 Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote aut...
E
CVE-2008-1359 Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 before 2008...
S
CVE-2008-1360 Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows remote attackers to inject arb...
S
CVE-2008-1361 VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1...
S
CVE-2008-1362 VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1...
S
CVE-2008-1363 VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1...
S
CVE-2008-1364 Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Playe...
S
CVE-2008-1365 Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and e...
E
CVE-2008-1366 Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1...
CVE-2008-1367 gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation...
E
CVE-2008-1368 CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execu...
E
CVE-2008-1369 A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/defaul...
CVE-2008-1370 PHP remote file inclusion vulnerability in index.php in wildmary Yap Blog 1.1 allows remote attacker...
E
CVE-2008-1371 Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote att...
E
CVE-2008-1372 bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (cr...
E
CVE-2008-1373 Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknow...
E S
CVE-2008-1374 Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-b...
CVE-2008-1375 Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24...
S
CVE-2008-1376 A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHE...
CVE-2008-1377 The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extensio...
S
CVE-2008-1378 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-20...
R
CVE-2008-1379 Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org...
S
CVE-2008-1380 The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey...
S
CVE-2008-1381 ZoneMinder before 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers i...
CVE-2008-1382 libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows contex...
CVE-2008-1383 The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, sto...
CVE-2008-1384 Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of se...
E
CVE-2008-1385 Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (...
E S
CVE-2008-1386 Multiple cross-site scripting (XSS) vulnerabilities in the installer in Serendipity (S9Y) 1.3 allow ...
E S
CVE-2008-1387 ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a craf...
E S
CVE-2008-1389 libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a den...
S
CVE-2008-1390 The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-b...
CVE-2008-1391 Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Ap...
E
CVE-2008-1392 The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ...
S
CVE-2008-1393 Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded form of the username and p...
E
CVE-2008-1394 Plone CMS before 3 places a base64 encoded form of the username and password in the __ac cookie for ...
CVE-2008-1395 Plone CMS does not record users' authentication states, and implements the logout feature solely on ...
CVE-2008-1396 Plone CMS 3.x uses invariant data (a client username and a server secret) when calculating an HMAC-S...
CVE-2008-1397 Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenti...
E S
CVE-2008-1398 SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to ex...
E
CVE-2008-1399 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Clansphere 2008 allow remote att...
E
CVE-2008-1400 Directory traversal vulnerability in the Net Inspector HTTP Server (mghttpd) in MG-SOFT Net Inspecto...
E
CVE-2008-1401 Format string vulnerability in the Net Inspector HTTP server (mghttpd) in MG-SOFT Net Inspector 6.5....
E
CVE-2008-1402 MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote attackers to cause a (1) denia...
E
CVE-2008-1403 Stack-based buffer overflow in the TFTP server in BootManage TFTPD 1.99 and earlier in BootManage Ad...
CVE-2008-1404 SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 a...
E
CVE-2008-1405 PHP remote file inclusion vulnerability in code/display.php in fuzzylime (cms) 3.01 allows remote at...
E
CVE-2008-1406 SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 module for eXV2 allows remote ...
E
CVE-2008-1407 SQL injection vulnerability in index.php in the WebChat 1.60 module for eXV2 allows remote attackers...
E
CVE-2008-1408 SQL injection vulnerability in includes/functions/banners-external.php in phpBP 2 RC3 (2.204) FIX 4 ...
E
CVE-2008-1409 Multiple directory traversal vulnerabilities in the Default theme in Exero CMS 1.0.1 allow remote at...
E
CVE-2008-1410 Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 a...
E
CVE-2008-1411 The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to...
E
CVE-2008-1412 Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006...
S
CVE-2008-1413 Cross-site scripting (XSS) vulnerability in search.php in SNewsCMS Rus 2.1 through 2.4 allows remote...
E
CVE-2008-1414 Cross-site scripting (XSS) vulnerability in Multiple Time Sheets (MTS) 5.0 and earlier allows remote...
E
CVE-2008-1415 Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and earlier allows ...
E
CVE-2008-1416 Multiple PHP remote file inclusion vulnerabilities in PHPauction GPL 2.51 allow remote attackers to ...
E
CVE-2008-1417 The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack ...
CVE-2008-1419 Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which a...
E
CVE-2008-1420 Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 an...
CVE-2008-1421 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2008-1422 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1419. Reason: This candida...
R
CVE-2008-1423 Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and ea...
CVE-2008-1425 SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote at...
E
CVE-2008-1426 SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitr...
E
CVE-2008-1427 SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 and 1.2.5 component for Joomla!...
E
CVE-2008-1428 Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x before 5.x-1.0-beta7 module ...
S
CVE-2008-1429 Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a deni...
CVE-2008-1430 SQL injection vulnerability in links.asp in ASPapp allows remote attackers to execute arbitrary SQL ...
E
CVE-2008-1431 RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partition encryption key in an unenc...
CVE-2008-1432 Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0...
CVE-2008-1433 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-1434 Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007...
S
CVE-2008-1435 Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote ...
CVE-2008-1436 Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign acti...
E
CVE-2008-1437 Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.1...
CVE-2008-1438 Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.1...
CVE-2008-1439 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-1440 Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option...
S
CVE-2008-1441 Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allow...
CVE-2008-1442 Heap-based buffer overflow in the substringData method in Microsoft Internet Explorer 6 and 7 allows...
S
CVE-2008-1443 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-1444 Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attac...
S
CVE-2008-1445 Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 ...
S
CVE-2008-1446 Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Infor...
S
CVE-2008-1447 The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Mi...
E S
CVE-2008-1448 The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, an...
S
CVE-2008-1449 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-1450 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-1451 The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly valid...
E S
CVE-2008-1452 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-1453 The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically p...
S
CVE-2008-1454 Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server ...
S
CVE-2008-1455 A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, and 2007 t...
CVE-2008-1456 Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ...
S
CVE-2008-1457 The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold ...
S
CVE-2008-1458 Cross-site scripting (XSS) vulnerability in index.php in CS-Cart 1.3.2 allows remote attackers to in...
E
CVE-2008-1459 SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and...
E
CVE-2008-1460 SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joo...
E
CVE-2008-1461 Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via...
E
CVE-2008-1462 SQL injection vulnerability in the sections (Section) module in RunCMS allows remote attackers to ex...
E
CVE-2008-1463 Cross-site scripting (XSS) vulnerability in the management GUI in Imperva SecureSphere MX Management...
E
CVE-2008-1464 Multiple SQL injection vulnerabilities in Gallarific Free Edition 1.1 allow remote attackers to exec...
CVE-2008-1465 SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and...
E
CVE-2008-1466 Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 allow remote attackers to execute ...
E
CVE-2008-1467 CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via ...
E
CVE-2008-1468 Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attacke...
CVE-2008-1469 Gallarific Free Edition 1.1 does not require authentication for (1) photos.php, (2) comments.php, an...
CVE-2008-1470 Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, a...
E
CVE-2008-1471 The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local user...
E S
CVE-2008-1472 Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA p...
E
CVE-2008-1473 The Altiris Client Service (AClient.exe) in Symantec Altiris Deployment Solution 6.8.x before 6.9.16...
S
CVE-2008-1474 Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and attack vectors,...
S
CVE-2008-1475 The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to b...
CVE-2008-1476 Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3 allows remote attackers to ...
CVE-2008-1477 Multiple cross-site scripting (XSS) vulnerabilities in busca.php in eForum 0.4 allow remote attacker...
E
CVE-2008-1478 Home FTP Server 1.4.5.89 allows remote attackers to cause a denial of service (crash) by opening a F...
E
CVE-2008-1479 Cross-site scripting (XSS) vulnerability in index.php in cyberfrogs.net cfnetgs 0.24 allows remote a...
CVE-2008-1480 rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via ...
E
CVE-2008-1481 Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.1.2 allows remote attackers to i...
E
CVE-2008-1482 Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-bas...
E
CVE-2008-1483 OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by ...
CVE-2008-1484 The password reset feature in PunBB 1.2.16 and earlier uses predictable random numbers based on the ...
E S
CVE-2008-1485 Cross-site scripting (XSS) vulnerability in PunBB 1.2.16 and earlier allows remote attackers to inje...
CVE-2008-1486 SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote att...
CVE-2008-1487 Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to...
CVE-2008-1488 Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows rem...
E
CVE-2008-1489 Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers...
E
CVE-2008-1490 Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Pi...
CVE-2008-1491 Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC o...
E
CVE-2008-1492 Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attack...
E
CVE-2008-1493 Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to incl...
E
CVE-2008-1494 SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to...
E
CVE-2008-1495 Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and earlier...
E
CVE-2008-1496 Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to ...
E
CVE-2008-1497 Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote...
E
CVE-2008-1498 Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remot...
E
CVE-2008-1499 Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BE...
E
CVE-2008-1500 Cross-site scripting (XSS) vulnerability in index.php in TinyPortal 0.8.6 and 1.0.3 allows remote at...
CVE-2008-1501 The send_user_mode function in s_user.c in (1) Undernet ircu 2.10.12.12 and earlier, (2) snircd 1.3....
E
CVE-2008-1502 The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare be...
E S
CVE-2008-1503 Cross-site scripting (XSS) vulnerability in the web management interface in F5 BIG-IP 9.4.3 allows r...
CVE-2008-1504 Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven phpMyChat 0.14.5 allows remote a...
E
CVE-2008-1505 PHP remote file inclusion vulnerability in the SSTREAMTV custompages (com_custompages) 1.1 and earli...
E
CVE-2008-1506 PEEL, possibly 3.x and earlier, allows remote attackers to obtain configuration information via a di...
E
CVE-2008-1507 PEEL, possibly 3.x and earlier, has (1) a default info@peel.fr account with password admin, and (2) ...
E
CVE-2008-1508 SQL injection vulnerability in EfesTech E-Kontör and earlier allows remote attackers to execute arbi...
E
CVE-2008-1509 SQL injection vulnerability in index.php in XLPortal 2.2.4 and earlier allows remote attackers to ex...
E
CVE-2008-1510 Cross-site scripting (XSS) vulnerability in system/workplace/admin/accounts/users_list.jsp in Alkaco...
CVE-2008-1511 Multiple PHP remote file inclusion vulnerabilities in ooComments 1.0 allow remote attackers to execu...
E
CVE-2008-1512 Directory traversal vulnerability in admin/admin_xs.php in eXtreme Styles module (XS-Mod) 2.3.1 and ...
E
CVE-2008-1513 SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and earlier, when the Referers statisti...
E
CVE-2008-1514 arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platf...
E S
CVE-2008-1515 The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "rea...
CVE-2008-1517 Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users t...
S
CVE-2008-1518 Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0...
CVE-2008-1521 ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ....
CVE-2008-1522 ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ....
CVE-2008-1523 ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3...
CVE-2008-1524 The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD....
CVE-2008-1525 The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firm...
CVE-2008-1526 ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AG...
CVE-2008-1527 ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AG...
CVE-2008-1528 ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3...
CVE-2008-1529 ZyXEL Prestige routers have a minimum password length for the admin account that is too small, which...
CVE-2008-1530 GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibl...
CVE-2008-1531 The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x befo...
CVE-2008-1532 Perlbal before 1.70, when buffered upload is enabled, allows remote attackers to cause a denial of s...
CVE-2008-1533 Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers t...
S
CVE-2008-1534 Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b allow remote attackers to includ...
E
CVE-2008-1535 SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 compone...
E
CVE-2008-1536 Cross-site scripting (XSS) vulnerability in index.php in Pictures Pro (aka Tim Grissett) Photo Cart ...
S
CVE-2008-1537 Directory traversal vulnerability in pb_inc/admincenter/index.php in PowerScripts PowerBook 1.21 all...
E
CVE-2008-1538 Cross-site scripting (XSS) vulnerability in searchAction.do in ManageEngine EventLog Analyzer 5 allo...
CVE-2008-1539 SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remot...
E
CVE-2008-1540 SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mamb...
E
CVE-2008-1541 Directory traversal vulnerability in cgi-bin/his-webshop.pl in HIS Webshop 2.50 allows remote attack...
E
CVE-2008-1542 Airspan Base Station Distribution Unit (BSDU) has "topsecret" as its password for the root account, ...
E
CVE-2008-1543 The Advanced User Interface Pages in the ProST Web Management component on the Airspan WiMAX ProST h...
CVE-2008-1544 The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and...
S
CVE-2008-1545 The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 7 does not r...
E
CVE-2008-1546 servlet/MIMEReceiveServlet in the web controller for Mitsubishi Electric GB-50 and GB-50A air-condit...
CVE-2008-1547 Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Excha...
E
CVE-2008-1548 Multiple cross-site scripting (XSS) vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Ea...
CVE-2008-1549 Multiple SQL injection vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software ...
CVE-2008-1550 Multiple cross-site scripting (XSS) vulnerabilities in index.php in CubeCart 4.2.1 allow remote atta...
CVE-2008-1551 SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attacke...
E
CVE-2008-1552 The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Confer...
S
CVE-2008-1553 Directory traversal vulnerability in mod.php in TopperMod 1.0 allows remote attackers to include and...
E
CVE-2008-1554 SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled...
E
CVE-2008-1555 Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows r...
E
CVE-2008-1556 Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to injec...
E
CVE-2008-1557 BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system...
E
CVE-2008-1558 Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 r...
E
CVE-2008-1559 SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for...
E
CVE-2008-1560 Multiple cross-site scripting (XSS) vulnerabilities in Digiappz DigiDomain 2.2 allow remote attacker...
CVE-2008-1561 Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow re...
E
CVE-2008-1562 The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to...
CVE-2008-1563 The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.9...
E
CVE-2008-1564 Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to...
E S
CVE-2008-1565 Directory traversal vulnerability in forum/irc/irc.php in the PJIRC 0.5 module for phpBB allows remo...
E
CVE-2008-1566 Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine Applications Manager 8.x allow...
CVE-2008-1567 phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secr...
S
CVE-2008-1568 comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metachara...
CVE-2008-1569 policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via...
E S
CVE-2008-1570 Race condition in the create_lockpath function in policyd-weight 0.1.14 beta-16 allows local users t...
CVE-2008-1571 Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X befo...
S
CVE-2008-1572 Image Capture in Apple Mac OS X before 10.5 does not properly use temporary files, which allows loca...
CVE-2008-1573 The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attac...
S
CVE-2008-1574 Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbit...
S
CVE-2008-1575 Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5...
S
CVE-2008-1576 Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize m...
S
CVE-2008-1577 Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in Apple Mac OS X before 10.5.3 ...
S
CVE-2008-1578 The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the comma...
S
CVE-2008-1579 Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive informa...
S
CVE-2008-1580 CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in...
S
CVE-2008-1581 Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause...
S
CVE-2008-1582 Unspecified vulnerability in Apple QuickTime before 7.5 allows remote attackers to cause a denial of...
S
CVE-2008-1583 Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote attackers to cause a denial o...
S
CVE-2008-1584 Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to ca...
S
CVE-2008-1585 Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:...
S
CVE-2008-1586 ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote...
CVE-2008-1588 Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the add...
CVE-2008-1589 Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as use...
CVE-2008-1590 JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perf...
CVE-2008-1591 The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quo...
E
CVE-2008-1592 MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does n...
S
CVE-2008-1593 The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, and 6.1 does not properly prot...
S
CVE-2008-1594 The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing JFS2 filesystems on concurrent v...
S
CVE-2008-1595 The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permiss...
S
CVE-2008-1596 Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block...
S
CVE-2008-1597 The WPAR system call implementation in the kernel in IBM AIX 6.1 allows local users to cause a denia...
S
CVE-2008-1598 The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges to read arbitrary kernel memor...
S
CVE-2008-1599 The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, whic...
S
CVE-2008-1600 The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly handle environment variables, whi...
S
CVE-2008-1601 Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the s...
CVE-2008-1602 Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows remote attackers to execute a...
E S
CVE-2008-1603 Cross-site scripting (XSS) vulnerability in GNB DesignForm before 3.9 allows remote attackers to inj...
CVE-2008-1604 Cross-site scripting (XSS) vulnerability in PerlMailer before 3.02 allows remote attackers to inject...
CVE-2008-1605 The (1) ltmmCaptureCtrl Class, (2) ltmmConvertCtrl Class, and (3) ltmmPlayCtrl Class ActiveX control...
E
CVE-2008-1606 Multiple directory traversal vulnerabilities in Elastic Path (EP) 4.1 and 4.1.1 allow remote attacke...
E S
CVE-2008-1607 SQL injection vulnerability in haberoku.php in Serbay Arslanhan Bomba Haber 2.0 allows remote attack...
E
CVE-2008-1608 SQL injection vulnerability in postview.php in Clever Copy 3.0 allows remote attackers to execute ar...
E
CVE-2008-1609 Multiple PHP remote file inclusion vulnerabilities in just another flat file (JAF) CMS 4.0 RC2 allow...
E
CVE-2008-1610 Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allows remote attackers to cause a...
E
CVE-2008-1611 Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote attackers to cause a den...
E
CVE-2008-1612 The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of s...
E S
CVE-2008-1613 SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48, and possibly other version...
E
CVE-2008-1614 suPHP before 0.6.3 allows local users to gain privileges via (1) a race condition that involves mult...
CVE-2008-1615 Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local ...
CVE-2008-1617 Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web ...
E
CVE-2008-1618 The PPTP VPN service in Watchguard Firebox before 10, when performing the MS-CHAPv2 authentication h...
E S
CVE-2008-1619 The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service (...
E S
CVE-2008-1620 Directory traversal vulnerability in 2X TFTP service (TFTPd.exe) 3.2.0.0 and earlier in 2X ThinClien...
E S
CVE-2008-1621 Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow remote attackers to inject arb...
E
CVE-2008-1622 Multiple PHP remote file inclusion vulnerabilities in GeeCarts allow remote attackers to execute arb...
CVE-2008-1623 SQL injection vulnerability in admin_view_image.php in Smoothflash allows remote attackers to execut...
E
CVE-2008-1624 Directory traversal vulnerability in v2demo/page.php in Jshop Server 1.x through 2.x allows remote a...
E
CVE-2008-1625 aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOC...
CVE-2008-1626 SQL injection vulnerability in eggBlog before 4.0.1 allows remote attackers to execute arbitrary SQL...
S
CVE-2008-1627 CDS Invenio 0.92.1 and earlier allows remote authenticated users to delete email notification alerts...
S
CVE-2008-1628 Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux A...
CVE-2008-1629 Cross-site scripting (XSS) vulnerability in PHPkrm before 1.5.0 allows remote attackers to inject ar...
S
CVE-2008-1630 Multiple cross-site scripting (XSS) vulnerabilities in CuteFlow 1.5.0 and 2.10.0 allow remote attack...
E
CVE-2008-1631 SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to exe...
CVE-2008-1632 Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execut...
CVE-2008-1633 Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, relate...
S
CVE-2008-1634 Cross-site scripting (XSS) vulnerability in index.php in JV2 Folder Gallery 3.1 allows remote attack...
CVE-2008-1635 Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and...
E
CVE-2008-1636 Cross-site scripting (XSS) vulnerability in index.php in JV2 Quick Gallery 1.1 allows remote attacke...
CVE-2008-1637 PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate (1) TRXID values and (2) UD...
E S
CVE-2008-1638 Nik Sharpener Pro, possibly 2.0, uses world-writable permissions for plug-in files, which allows loc...
CVE-2008-1639 SQL injection vulnerability in index.php in Neat weblog 0.2 allows remote attackers to execute arbit...
E
CVE-2008-1640 SQL injection vulnerability in jgs_treffen.php in the JGS-XA JGS-Treffen 2.0.2 and earlier addon for...
E
CVE-2008-1641 SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute ...
E
CVE-2008-1642 Directory traversal vulnerability in index.php in Sava's GuestBook 2.0 allows remote attackers to in...
CVE-2008-1643 Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.exe) in LANDesk Management Suite...
CVE-2008-1644 SQL injection vulnerability in viewlinks.php in Sava's Link Manager 2.0 allows remote attackers to e...
CVE-2008-1645 Directory traversal vulnerability in body.php in phpSpamManager (phpSM) 0.53 beta allows remote atta...
E
CVE-2008-1646 SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows re...
E
CVE-2008-1647 The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.d...
E
CVE-2008-1648 Sympa before 5.4 allows remote attackers to cause a denial of service (daemon crash) via an e-mail m...
E
CVE-2008-1649 Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in EasyNews 4.0 allows...
E
CVE-2008-1650 SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to exe...
E
CVE-2008-1651 Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to incl...
E
CVE-2008-1652 Directory traversal vulnerability in the _serve_request_multiple function in lib/Perlbal/ClientHTTPB...
CVE-2008-1653 Directory traversal vulnerability in index.php in Sava's Link Manager 2.0 allows remote attackers to...
CVE-2008-1654 Interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services allows rem...
CVE-2008-1655 Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, mak...
CVE-2008-1656 Adobe ColdFusion 8 and 8.0.1 does not properly implement the public access level for CFC methods, wh...
S
CVE-2008-1657 OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config Fo...
S
CVE-2008-1658 Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier...
S
CVE-2008-1659 Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allows local users to gain privile...
CVE-2008-1660 Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to ac...
S
CVE-2008-1661 Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5...
CVE-2008-1662 Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23...
CVE-2008-1663 Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on...
CVE-2008-1664 Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a...
CVE-2008-1665 Multiple unspecified vulnerabilities in HP Select Identity (HPSI) Active Directory Bidirectional LDA...
CVE-2008-1666 Unspecified vulnerability in HP Oracle for OpenView (OfO) 8.1.7, 9.1.01, 9.2, 9.2.0, 10g, and 10gR2 ...
CVE-2008-1667 The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder...
S
CVE-2008-1668 ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in cert...
CVE-2008-1669 Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, ...
S
CVE-2008-1670 Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in ...
S
CVE-2008-1671 start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a ...
E
CVE-2008-1672 OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS han...
S
CVE-2008-1673 The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used...
S
CVE-2008-1674 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2008-1675 The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 do...
E
CVE-2008-1676 Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or...
S
CVE-2008-1677 Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6...
CVE-2008-1678 Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f t...
E
CVE-2008-1679 Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to ...
S
CVE-2008-1680 PHP-Nuke Platinum 7.6.b.5 allows remote attackers to obtain configuration information via a direct r...
E
CVE-2008-1681 Unspecified vulnerability in IBM DB2 Content Manager before 8.3 FP8 has unknown impact and attack ve...
CVE-2008-1682 PHP remote file inclusion vulnerability in quiz/common/db_config.inc.php in the Online FlashQuiz (co...
E
CVE-2008-1683 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0887. Reason: This candida...
R
CVE-2008-1684 inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary fil...
S
CVE-2008-1685 gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a ...
CVE-2008-1686 Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, in...
S
CVE-2008-1687 The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output...
S
CVE-2008-1688 Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute...
S
CVE-2008-1689 Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and ...
E
CVE-2008-1690 WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to ...
CVE-2008-1691 Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and earlier allows remote attackers to...
CVE-2008-1692 Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment v...
CVE-2008-1693 The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in X...
S
CVE-2008-1694 vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary file...
CVE-2008-1696 Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, when register_globals is enab...
E
CVE-2008-1697 Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51...
E S
CVE-2008-1698 Cross-site scripting (XSS) vulnerability in gallery.php in Simple Gallery 2.2 allows remote attacker...
CVE-2008-1699 SQL injection vulnerability in permalink.php in Desi Quintans Writer's Block CMS 3.8a allows remote ...
CVE-2008-1700 The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows...
E
CVE-2008-1701 Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPr...
S
CVE-2008-1702 Absolute path traversal vulnerability in dload.php in the my_gallery 2.3 plugin for e107 allows remo...
E
CVE-2008-1703 Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO produ...
CVE-2008-1704 Multiple buffer overflows in TIBCO Software Enterprise Message Service (EMS) before 4.4.3, and iProc...
CVE-2008-1705 Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows rem...
E
CVE-2008-1706 Uncontrolled array index in IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a de...
E
CVE-2008-1707 IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (NULL pointe...
E
CVE-2008-1708 IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of mem...
E
CVE-2008-1709 Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arb...
E
CVE-2008-1710 Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges...
CVE-2008-1711 Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MyS...
E
CVE-2008-1712 PHP remote file inclusion vulnerability in includes/functions_weblog.php in mxBB mx_blogs 2.0.0 beta...
E
CVE-2008-1713 MailServer.exe in NoticeWare Email Server 4.6.1.0 allows remote attackers to cause a denial of servi...
E
CVE-2008-1714 SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, ...
E
CVE-2008-1715 SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and earlier, when magic_quotes_gpc ...
E
CVE-2008-1716 Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burni...
CVE-2008-1717 WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to ob...
CVE-2008-1718 Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes befo...
CVE-2008-1719 Multiple cross-site request forgery (CSRF) vulnerabilities in Nuke ET 3.2 and 3.4 allow remote attac...
CVE-2008-1720 Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allo...
S
CVE-2008-1721 Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote atta...
E
CVE-2008-1722 Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow a...
S
CVE-2008-1724 Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileT...
E
CVE-2008-1725 The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz E-Banking Integrator (formerly ...
E
CVE-2008-1726 Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, all...
E
CVE-2008-1727 KnowledgeQuest 2.5 and 2.6 does not require authentication for access to admincheck.php, which allow...
E
CVE-2008-1728 ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows remote authenticated users to ca...
CVE-2008-1729 The menu system in Drupal 6 before 6.2 has incorrect menu settings, which allows remote attackers to...
S
CVE-2008-1730 Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-sc...
E
CVE-2008-1731 The Simple Access module for Drupal 5.x through 5.x-1.2-2 does not properly handle the privacy infor...
S
CVE-2008-1732 SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote ...
E
CVE-2008-1733 SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade ...
E
CVE-2008-1734 Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause...
CVE-2008-1735 BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (sys...
S
CVE-2008-1736 Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Servic...
S
CVE-2008-1737 Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allow...
CVE-2008-1738 Rising Antivirus 2008 before 20.38.20 allows local users to cause a denial of service (system crash)...
CVE-2008-1739 Apple QuickTime before 7.4.5 allows remote attackers to cause a denial of service (crash) and possib...
CVE-2008-1740 The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to ...
S
CVE-2008-1741 The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to caus...
S
CVE-2008-1742 Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Man...
CVE-2008-1743 Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Man...
CVE-2008-1744 The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUC...
CVE-2008-1745 Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote at...
CVE-2008-1746 The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2...
CVE-2008-1747 Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4...
CVE-2008-1748 Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), ...
S
CVE-2008-1749 Memory leak in Cisco Content Switching Module (CSM) 4.2(3) up to 4.2(8) and Cisco Content Switching ...
S
CVE-2008-1750 SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to...
E
CVE-2008-1751 Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote attackers to read ...
E
CVE-2008-1752 ezRADIUS 0.1 stores sensitive information under the web root with insufficient access control, which...
CVE-2008-1753 Cross-site scripting (XSS) vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon...
E
CVE-2008-1754 Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClien...
S
CVE-2008-1755 Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0...
E
CVE-2008-1756 Unspecified vulnerability in the Qmaster daemon in Sun N1 Grid Engine 6.1 allows local users to caus...
S
CVE-2008-1757 Cross-site scripting (XSS) vulnerability in index.php in the ConcoursPhoto module for KwsPHP 1.0 all...
CVE-2008-1758 SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execut...
E
CVE-2008-1759 SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute ar...
E
CVE-2008-1760 Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attac...
E
CVE-2008-1761 Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute ...
E S
CVE-2008-1762 Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute ...
S
CVE-2008-1763 SQL injection vulnerability in _blogadata/include/sond_result.php in Blogator-script 0.95 allows rem...
E
CVE-2008-1764 Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to "key...
S
CVE-2008-1765 Buffer overflow in Adobe Photoshop Album Starter Edition 3.2, and possibly After Effects CS3, allows...
E S
CVE-2008-1766 Multiple unspecified vulnerabilities in phpBB before 3.0.1 have unknown impact and attack vectors, r...
S
CVE-2008-1767 Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a ...
E
CVE-2008-1768 Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service ...
CVE-2008-1769 VLC before 0.8.6f allows remote attackers to cause a denial of service (crash) via a crafted Cinepak ...
CVE-2008-1770 CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote...
E
CVE-2008-1771 Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 ...
CVE-2008-1772 iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent atta...
E
CVE-2008-1773 PHP remote file inclusion vulnerability in includes/header.inc.php in Dragoon 0.1 allows remote atta...
E
CVE-2008-1774 SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitr...
E
CVE-2008-1775 Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows...
CVE-2008-1776 PHP remote file inclusion vulnerability in modules/basicfog/basicfogfactory.class.php in PhpBlock A8...
E
CVE-2008-1777 The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attacke...
E
CVE-2008-1778 Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 1...
CVE-2008-1779 Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via u...
CVE-2008-1780 Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions a...
CVE-2008-1781 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2008-1782 phpdemo/viewsource.php in Advanced Software Engineering ChartDirector 4.1 allows remote attackers to...
E
CVE-2008-1783 Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users via a modified UserID paramet...
E
CVE-2008-1784 Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request...
E
CVE-2008-1785 delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accoun...
E
CVE-2008-1786 The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in multiple CA products including B...
S
CVE-2008-1787 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Poplar Gedcom Viewer 2.0 allow r...
E
CVE-2008-1788 SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote ...
E
CVE-2008-1789 SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitr...
E
CVE-2008-1790 Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administra...
E
CVE-2008-1791 SQL injection vulnerability in ladder.php in My Gaming Ladder 7.5 and earlier allows remote attacker...
E
CVE-2008-1792 Cross-site scripting (XSS) vulnerability in the insertion filter in the Flickr Drupal module 5.x bef...
S
CVE-2008-1793 Multiple cross-site scripting (XSS) vulnerabilities in view.cgi in Smart Classified ADS Professional...
CVE-2008-1794 Multiple cross-site scripting (XSS) vulnerabilities in the Webform Drupal module 5.x before 5.x-1.10...
S
CVE-2008-1795 Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Academic Suite 7.x and earlier, an...
E
CVE-2008-1796 Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause ...
CVE-2008-1797 Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before buil...
CVE-2008-1798 Directory traversal vulnerability in forum/kietu/libs/calendrier.php in Dragoon 0.1 allows remote at...
E
CVE-2008-1799 Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to rea...
E
CVE-2008-1800 Multiple cross-site scripting (XSS) vulnerabilities in index.php in DivXDB 2002 0.94b allow remote a...
E
CVE-2008-1801 Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to ...
E
CVE-2008-1802 Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attacke...
E
CVE-2008-1803 Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attac...
E S
CVE-2008-1804 preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragmen...
CVE-2008-1805 Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows u...
S
CVE-2008-1806 Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary c...
S
CVE-2008-1807 FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via an invalid "n...
CVE-2008-1808 Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute ar...
S
CVE-2008-1809 Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, a...
S
CVE-2008-1810 Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to ...
CVE-2008-1811 Unspecified vulnerability in Oracle Application Express 3.0.1 has unspecified impact and remote auth...
CVE-2008-1812 Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS...
CVE-2008-1813 Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5,...
CVE-2008-1814 Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle ...
CVE-2008-1815 Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.3...
CVE-2008-1816 Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact an...
CVE-2008-1817 Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5,...
CVE-2008-1818 Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown im...
CVE-2008-1819 Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5,...
CVE-2008-1820 Unspecified vulnerability in the Data Pump component in Oracle Database 9.2.0.8, 10.1.0.5, 10.2.0.3,...
CVE-2008-1821 Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+, and 10...
CVE-2008-1822 Unspecified vulnerability in the Oracle Application Express component in Oracle Application Express ...
CVE-2008-1823 Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.14 h...
CVE-2008-1824 Unspecified vulnerability in the Oracle Dynamic Monitoring Service component in Oracle Application S...
CVE-2008-1825 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 has un...
CVE-2008-1826 Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and at...
CVE-2008-1827 Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 and 12.0.4 have unknown im...
CVE-2008-1828 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-1829 Unspecified vulnerability in the PeopleSoft HCM Recruiting component in Oracle PeopleSoft Enterprise...
CVE-2008-1830 Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterpri...
CVE-2008-1831 Multiple unspecified vulnerabilities in the Siebel SimBuilder component in Oracle Siebel Enterprise ...
CVE-2008-1832 lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack ...
CVE-2008-1833 Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute ...
E
CVE-2008-1834 swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict local file access from untrus...
S
CVE-2008-1835 ClamAV before 0.93 allows remote attackers to bypass the scanning engine via a RAR file with an inva...
CVE-2008-1836 The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to caus...
CVE-2008-1837 libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via ...
CVE-2008-1838 SQL injection vulnerability in BosClassifieds Classified Ads System 3.0 allows remote attackers to e...
E
CVE-2008-1839 Multiple cross-site scripting (XSS) vulnerabilities in module/main.php in WORK system e-commerce 4....
CVE-2008-1840 SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allow...
S
CVE-2008-1841 SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Co...
S
CVE-2008-1842 Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 a...
E
CVE-2008-1843 SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attacker...
E
CVE-2008-1844 SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arb...
E
CVE-2008-1845 The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoki...
CVE-2008-1846 The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the "Always Use Secure HT...
CVE-2008-1847 SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers ...
E
CVE-2008-1848 Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! comp...
E
CVE-2008-1849 Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla...
E
CVE-2008-1850 Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affilia...
CVE-2008-1851 ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allo...
E
CVE-2008-1852 ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allo...
E
CVE-2008-1853 The ovtopmd service in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other vers...
E
CVE-2008-1854 Unspecified vulnerability in SmarterMail Web Server (SMWebSvr.exe) in SmarterMail 5.0.2999 allows re...
E
CVE-2008-1855 FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and earlier, as used ...
E
CVE-2008-1856 plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not require authentication for a settin...
E
CVE-2008-1857 Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy (Mole) 2.1.0 al...
E
CVE-2008-1858 SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attack...
E
CVE-2008-1859 SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute ...
E
CVE-2008-1860 Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attacker...
E
CVE-2008-1861 Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earli...
E
CVE-2008-1862 ExBB Italia 0.22 and earlier only checks GET requests that use the QUERY_STRING for certain path man...
E
CVE-2008-1863 SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows rem...
E
CVE-2008-1864 SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execut...
E
CVE-2008-1865 Stack-based buffer overflow in the msx_readnode function in libmosix.c in openmosix-tools (aka users...
CVE-2008-1866 admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication,...
E
CVE-2008-1867 SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion) allows remote attackers to e...
E
CVE-2008-1868 admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication, whic...
E
CVE-2008-1869 SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL c...
E
CVE-2008-1870 SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to...
E
CVE-2008-1871 SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authe...
E
CVE-2008-1872 SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers ...
E
CVE-2008-1873 Cross-site scripting (XSS) vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when...
E
CVE-2008-1874 SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.05 and earlier allows remote au...
E
CVE-2008-1875 SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery...
E
CVE-2008-1876 PHP remote file inclusion vulnerability in index.php in VisualPic 0.3.1 allows remote attackers to e...
E
CVE-2008-1877 tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while ...
CVE-2008-1878 Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine...
E
CVE-2008-1879 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2008-1880 The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD ...
CVE-2008-1881 Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows...
E
CVE-2008-1883 The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by...
E
CVE-2008-1884 Directory traversal vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to...
CVE-2008-1885 Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in ...
E
CVE-2008-1886 The NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download uses w...
E
CVE-2008-1887 Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple v...
E S
CVE-2008-1888 Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote ...
CVE-2008-1889 SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quo...
E
CVE-2008-1890 SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote att...
CVE-2008-1891 Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8...
CVE-2008-1892 Cross-site scripting (XSS) vulnerability in bs_auth.php in Blogator-script 0.95 and 1.01 allows remo...
CVE-2008-1893 PHP remote file inclusion vulnerability in index.php in W2B Online Banking allows remote attackers t...
CVE-2008-1894 Cross-site scripting (XSS) vulnerability in desktoplaunch/InfoView/logon/logon.object in BusinessObj...
E S
CVE-2008-1895 Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers ...
E
CVE-2008-1896 Multiple cross-site scripting (XSS) vulnerabilities in Carbon Communities 2.4 and earlier allow remo...
E
CVE-2008-1897 The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x be...
CVE-2008-1898 A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Micro...
E
CVE-2008-1900 option_Update.asp in Carbon Communities 2.4 and earlier allows remote attackers to edit arbitrary me...
CVE-2008-1901 aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gam...
CVE-2008-1902 The GUI for aptlinex before 0.91 does not sufficiently warn the user of potentially dangerous action...
CVE-2008-1903 PHP remote file inclusion vulnerability in news_show.php in Newanz NewsOffice 1.0 and 1.1, when regi...
E
CVE-2008-1904 Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to an a...
E
CVE-2008-1905 NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows...
CVE-2008-1906 Cross-site scripting (XSS) vulnerability in calendar.php in cpCommerce 1.1.0 allows remote attackers...
E
CVE-2008-1907 Multiple SQL injection vulnerabilities in functions/display_page.func.php in cpCommerce 1.1.0 allow ...
E
CVE-2008-1908 Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow remote attackers to include a...
E
CVE-2008-1909 SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote a...
E
CVE-2008-1910 Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 SP2 all...
E
CVE-2008-1911 SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_qu...
E
CVE-2008-1912 Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and earlier allows user-assisted remot...
E
CVE-2008-1913 SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disa...
E
CVE-2008-1914 Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Me...
E
CVE-2008-1915 SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute a...
E
CVE-2008-1916 Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x before 5.x-1.0-rc1 module fo...
S
CVE-2008-1917 Multiple cross-site scripting (XSS) vulnerabilities in AMFPHP 1.2 allow remote attackers to inject a...
E
CVE-2008-1918 SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc ...
E S
CVE-2008-1919 SQL injection vulnerability in listtest.php in YourFreeWorld Apartment Search Script allows remote a...
E
CVE-2008-1920 Heap-based buffer overflow in the boxelyRenderer module in the Personal Status Manager feature in IC...
E
CVE-2008-1921 SQL injection vulnerability in store_pages/category_list.php in 5th Avenue Shopping Cart 1.2 trial e...
E
CVE-2008-1922 Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via un...
E
CVE-2008-1923 The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65...
CVE-2008-1924 Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote...
S
CVE-2008-1925 Buffer overflow in InspIRCd before 1.1.18, when using the namesx and uhnames modules, allows remote ...
CVE-2008-1926 Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier ma...
CVE-2008-1927 Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of serv...
CVE-2008-1928 Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) vi...
CVE-2008-1930 The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string containi...
S
CVE-2008-1931 Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allo...
E
CVE-2008-1932 Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 o...
E
CVE-2008-1933 Absolute path traversal vulnerability in a certain ActiveX control in Zune allows user-assisted remo...
E
CVE-2008-1934 SQL injection vulnerability in commentaires.php in Crazy Goomba 1.2.1 allows remote attackers to exe...
E
CVE-2008-1935 SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to ex...
E
CVE-2008-1936 SQL injection vulnerability in index.php in Classifieds Caffe allows remote attackers to execute arb...
E
CVE-2008-1937 The user form processing (userform.py) in MoinMoin before 1.6.3, when using ACLs or a non-empty supe...
E S
CVE-2008-1938 Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certifi...
CVE-2008-1939 Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arb...
E
CVE-2008-1940 The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce use...
S
CVE-2008-1941 Cross-site scripting (XSS) vulnerability in the profile update feature in Akiva WebBoard 8.0 allows ...
CVE-2008-1942 Foxit Reader 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute a...
E
CVE-2008-1943 Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1...
CVE-2008-1944 Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Mess...
CVE-2008-1945 QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read ...
CVE-2008-1946 The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain t...
CVE-2008-1947 Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0...
CVE-2008-1948 The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in...
E S
CVE-2008-1949 The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS...
E S
CVE-2008-1950 Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in lib...
S
CVE-2008-1951 Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Inst...
CVE-2008-1952 The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly re...
S
CVE-2008-1953 Cross-site scripting (XSS) vulnerability in the Sitedesigner before 1.1.5 search template in Magnoli...
S
CVE-2008-1954 SQL injection vulnerability in one_day.php in Web Calendar Pro 4.1 and earlier allows remote attacke...
E
CVE-2008-1955 Cross-site scripting (XSS) vulnerability in rep.php in Martin BOUCHER MyBoard 1.0.12 allows remote a...
E
CVE-2008-1956 Cross-site scripting (XSS) vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attac...
E
CVE-2008-1957 SQL injection vulnerability in news.php in Tr Script News 2.1 allows remote attackers to execute arb...
E
CVE-2008-1958 Unrestricted file upload vulnerability in the ajout_cat mode in admin/main.php in Tr Script News 2.1...
E
CVE-2008-1959 Stack-based buffer overflow in the get_remote_video_port_media function in call.cpp in SIPp 3.0 allo...
CVE-2008-1960 Cross-site scripting (XSS) vulnerability in cgi-bin/contray/search.cgi in ContRay 3.x allows remote ...
CVE-2008-1961 SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers t...
E
CVE-2008-1962 Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote attackers to include and ex...
E
CVE-2008-1963 PHP remote file inclusion vulnerability in includes/functions.php in Quate Grape Web Statistics 0.2a...
E
CVE-2008-1964 Stack-based buffer overflow in the demux_nsf_send_headers function in src/demuxers/demux_nsf.c in xi...
CVE-2008-1965 Argument injection vulnerability in the cai: URI handler in rcplauncher in IBM Lotus Expeditor Clien...
E
CVE-2008-1966 Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IB...
CVE-2008-1967 Cross-site scripting (XSS) vulnerability in CFLogon/CFLogon.asp in Cezanne 6.5.1 and 7 allows remote...
CVE-2008-1968 Multiple SQL injection vulnerabilities in Cezanne 7 allow remote authenticated users to execute arbi...
E
CVE-2008-1969 Multiple cross-site scripting (XSS) vulnerabilities in Cezanne 6.5.1 and 7 allow remote attackers to...
E
CVE-2008-1970 muCommander before 0.8.2 stores credentials.xml with insecure permissions, which allows local users ...
CVE-2008-1971 phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows remote...
E
CVE-2008-1972 Multiple cross-site scripting (XSS) vulnerabilities in the user account creation feature in Exponent...
CVE-2008-1973 Heap-based buffer overflow in SubEdit Player build 4056 and 4066 allows remote attackers to cause a ...
E
CVE-2008-1974 Cross-site scripting (XSS) vulnerability in addevent.php in Horde Kronolith 2.1.7, Groupware Webmail...
E
CVE-2008-1975 SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote attackers to execute arbitrar...
E
CVE-2008-1976 Multiple cross-site scripting (XSS) vulnerabilities in the Drupal modules (1) Internationalization (...
S
CVE-2008-1977 Cross-site request forgery (CSRF) vulnerability in the Internationalization (i18n) Drupal module 5.x...
S
CVE-2008-1978 Cross-site scripting (XSS) vulnerability in the Ubercart 5.x before 5.x-1.0 rc3 module for Drupal al...
S
CVE-2008-1979 The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attacke...
E
CVE-2008-1980 Cross-site scripting (XSS) vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta...
S
CVE-2008-1981 Cross-site request forgery (CSRF) vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1...
S
CVE-2008-1982 SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0.6 and earlier plugin for Word...
E S
CVE-2008-1983 Cross-site scripting (XSS) vulnerability in Advanced Electron Forum (AEF) 1.0.6 allows remote attack...
E
CVE-2008-1984 The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 a...
E
CVE-2008-1985 Cross-site scripting (XSS) vulnerability in base.php in DigitalHive 2.0 RC2 allows remote attackers ...
E
CVE-2008-1986 Cross-site scripting (XSS) vulnerability in liste_article.php in Blog Pixel Motion (aka PixelMotion)...
E
CVE-2008-1987 Cross-site scripting (XSS) vulnerability in search.php in EncapsGallery 2.0.2 allows remote attacker...
S
CVE-2008-1988 Unrestricted file upload vulnerability in the file_upload function in core/misc.class.php in EncapsG...
CVE-2008-1989 PHP remote file inclusion vulnerability in 123flashchat.php in the 123 Flash Chat 6.8.0 module for e...
E
CVE-2008-1990 Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitr...
E
CVE-2008-1991 Cross-site scripting (XSS) vulnerability in admin_colors_swatch.asp in Acidcat CMS 3.4.1 allows remo...
E
CVE-2008-1992 Acidcat CMS 3.4.1 does not properly restrict access to (1) default_mail_aspemail.asp, (2) default_ma...
E
CVE-2008-1993 Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, which allows remote attackers...
E
CVE-2008-1994 Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and (c) child.c in Acon 1.0.5-5 thr...
CVE-2008-1995 Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn"...
CVE-2008-1996 licq before 1.3.6 allows remote attackers to cause a denial of service (file-descriptor exhaustion a...
E
CVE-2008-1997 Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, an...
CVE-2008-1998 The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before ...
CVE-2008-1999 Apple Safari 3.1.1 allows remote attackers to spoof the address bar by placing many "invisible" char...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.