CVE-2008-2xxx

There are 966 CVE in this subgroup.
Last updated: 
← Back to 2008
ID Summary Flags Max Score
CVE-2008-2000 Unspecified vulnerability in Apple Safari 3.1.1 allows remote attackers to cause a denial of service...
E
CVE-2008-2001 Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via a fi...
E
CVE-2008-2002 Multiple cross-site request forgery (CSRF) vulnerabilities on Motorola Surfboard with software SB510...
E
CVE-2008-2003 BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient ac...
CVE-2008-2004 The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header,...
E
CVE-2008-2005 The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in Wonde...
E
CVE-2008-2006 Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to ca...
E
CVE-2008-2007 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1035. Reason: This candida...
R
CVE-2008-2008 Buffer overflow in the Display Names message feature in Cerulean Studios Trillian Basic and Pro 3.1....
CVE-2008-2009 Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows...
CVE-2008-2010 Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote at...
CVE-2008-2011 Cross-site scripting (XSS) vulnerability in the National Rail Enquiries Live Departure Boards gadget...
S
CVE-2008-2012 SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote a...
E
CVE-2008-2013 SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, wh...
E
CVE-2008-2014 Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial of service (application crash) ...
CVE-2008-2015 Multiple absolute path traversal vulnerabilities in certain ActiveX controls in WatchFire AppScan 7....
E
CVE-2008-2016 PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 all...
CVE-2008-2017 Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows re...
CVE-2008-2018 The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expan...
E
CVE-2008-2019 Simple Machines Forum (SMF), probably 1.1.4, relies on "randomly generated static" to hinder brute-f...
CVE-2008-2020 The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Co...
CVE-2008-2021 Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code ...
CVE-2008-2022 Mulatiple cross-site scripting (XSS) vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attack...
E
CVE-2008-2023 Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute...
E
CVE-2008-2024 Cross-site scripting (XSS) vulnerability in index.php in miniBB 2.2, and possibly earlier, when regi...
E S
CVE-2008-2025 Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterp...
S
CVE-2008-2026 Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3....
CVE-2008-2027 Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web...
CVE-2008-2028 miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to obtai...
E S
CVE-2008-2029 Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2....
E S
CVE-2008-2030 Cross-site scripting (XSS) vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5....
E
CVE-2008-2031 VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a crafted LIST command,...
CVE-2008-2032 The FTP service in Acritum Femitter Server 1.03 allows remote attackers to cause a denial of service...
CVE-2008-2033 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1381. Reason: This candida...
R
CVE-2008-2034 SQL injection vulnerability in wp-download_monitor/download.php in the Download Monitor 2.0.6 plugin...
CVE-2008-2035 Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) BackPack 0.91 and earlier, (2) Bm...
CVE-2008-2036 SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 allows remote attackers to execute...
E
CVE-2008-2037 Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts EsContacts 1.0 allow remote au...
E
CVE-2008-2038 Multiple SQL injection vulnerabilities in admin/adminindex.php in Turnkey Web Tools SunShop Shopping...
CVE-2008-2039 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-2040 Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast...
E
CVE-2008-2041 Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors an...
CVE-2008-2042 The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method...
CVE-2008-2043 Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, ...
E
CVE-2008-2044 includes/library.php in netOffice Dwins 1.3 p2 compares the demoSession variable to the 'true' strin...
E
CVE-2008-2045 Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows rem...
E S
CVE-2008-2046 Cross-site scripting (XSS) vulnerability in index.php in Softpedia SiteXS CMS 0.1.1 Pre-Alpha allows...
E
CVE-2008-2047 Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitra...
E
CVE-2008-2048 Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote ...
E
CVE-2008-2049 The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain se...
CVE-2008-2050 Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact a...
E S
CVE-2008-2051 The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack ...
CVE-2008-2052 Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to re...
CVE-2008-2053 Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1...
S
CVE-2008-2054 Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote atta...
S
CVE-2008-2055 Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2....
S
CVE-2008-2056 Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8....
S
CVE-2008-2057 The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PI...
S
CVE-2008-2058 Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8....
S
CVE-2008-2059 Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows...
CVE-2008-2060 Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5.x before 5.1(8)E2 and 6.x bef...
S
CVE-2008-2061 The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CU...
S
CVE-2008-2062 The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manage...
S
CVE-2008-2063 SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute a...
E
CVE-2008-2064 Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vecto...
S
CVE-2008-2065 SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers ...
E
CVE-2008-2066 Cross-site scripting (XSS) vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to i...
E
CVE-2008-2067 SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to execute arbitr...
CVE-2008-2068 Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows remote attackers to inject arbitrar...
CVE-2008-2069 Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execut...
E
CVE-2008-2070 The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote att...
E
CVE-2008-2071 Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 1...
CVE-2008-2072 Cross-site scripting (XSS) vulnerability in index.php in Virtual Design Studio vlbook 1.21 allows re...
E
CVE-2008-2073 Directory traversal vulnerability in include/global.inc.php in Virtual Design Studio vlbook 1.21 all...
E
CVE-2008-2074 Multiple PHP remote file inclusion vulnerabilities Harris Yusuf Arifin Harris Wap Chat 1.0, when reg...
E
CVE-2008-2075 Cross-site scripting (XSS) vulnerability in pic.php in AstroCam 2.5.0 through 2.7.3 allows remote at...
E S
CVE-2008-2076 Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remo...
E
CVE-2008-2077 Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown impact and attack vectors related...
S
CVE-2008-2078 Robocode before 1.6.0 allows user-assisted remote attackers to "access the internals of the Robocode...
S
CVE-2008-2079 MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows l...
E S
CVE-2008-2080 Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Sp...
E S
CVE-2008-2081 Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated adminis...
E
CVE-2008-2082 Cross-site scripting (XSS) vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to i...
E
CVE-2008-2083 SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is dis...
E
CVE-2008-2084 SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remo...
E
CVE-2008-2085 Multiple stack-based buffer overflows in the (1) get_remote_ip_media and (2) get_remote_ipv6_media f...
E
CVE-2008-2086 Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update ...
CVE-2008-2087 SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_qu...
E
CVE-2008-2088 SQL injection vulnerability in admin/news.php in PHP Forge 3.0 beta 2 allows remote attackers to exe...
E
CVE-2008-2089 Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attack...
CVE-2008-2090 Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attack...
CVE-2008-2091 Directory traversal vulnerability in ipn.php in KubeLabs Kubelance 1.6.4 allows remote attackers to ...
E
CVE-2008-2092 Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) vi...
E
CVE-2008-2093 SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mam...
E
CVE-2008-2094 SQL injection vulnerability in article.php in the Article module for XOOPS allows remote attackers t...
E
CVE-2008-2095 SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for ...
E
CVE-2008-2096 SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL comma...
E
CVE-2008-2097 Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote aut...
CVE-2008-2098 Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 befor...
CVE-2008-2099 Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 ...
S
CVE-2008-2100 Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6....
CVE-2008-2101 The VMware Consolidated Backup (VCB) command-line utilities in VMware ESX 3.0.1 through 3.0.3 and ES...
CVE-2008-2103 Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inj...
E
CVE-2008-2104 The WebService in Bugzilla 3.1.3 allows remote authenticated users without canconfirm privileges to ...
CVE-2008-2105 email_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.4, and 3.1.x before 3.1.4 allows remote authenticat...
S
CVE-2008-2106 Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service...
CVE-2008-2107 The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems...
E
CVE-2008-2108 The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems...
E
CVE-2008-2109 field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of ser...
E S
CVE-2008-2110 Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to...
E
CVE-2008-2111 The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to e...
CVE-2008-2112 Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray ad...
CVE-2008-2113 SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute ...
E
CVE-2008-2114 SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to ...
E
CVE-2008-2115 Multiple cross-site scripting (XSS) vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 ...
E
CVE-2008-2116 Multiple directory traversal vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 allow r...
E
CVE-2008-2117 Cross-site scripting (XSS) vulnerability in pages/news.page.inc in Project Alumni 1.0.9 allows remot...
E
CVE-2008-2118 SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows remote attackers to execute a...
E
CVE-2008-2119 Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5...
E
CVE-2008-2120 Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server...
S
CVE-2008-2121 The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of serv...
S
CVE-2008-2122 IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service (CPU consumption...
CVE-2008-2123 Cross-site scripting (XSS) vulnerability in WGate in SAP Internet Transaction Server (ITS) 6.20 allo...
E
CVE-2008-2124 SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execu...
E
CVE-2008-2125 SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to...
E
CVE-2008-2126 Multiple cross-site scripting (XSS) vulnerabilities in Tux CMS 0.1 allow remote attackers to inject ...
E
CVE-2008-2127 Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon 2.2 Ultimate allows remote att...
E
CVE-2008-2128 PHP remote file inclusion vulnerability in templates/header.php in CMS Faethon 2.2 Ultimate allows r...
E
CVE-2008-2129 SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allo...
E
CVE-2008-2130 SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote attackers to execute a...
E
CVE-2008-2131 Cross-site scripting (XSS) vulnerability in mvnForum 1.1 GA allows remote authenticated users to inj...
S
CVE-2008-2132 SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to ex...
E
CVE-2008-2133 Cross-site scripting (XSS) vulnerability in the Journal module in Tru-Zone Nuke ET 3.x allows remote...
CVE-2008-2134 The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary use...
S
CVE-2008-2135 Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to e...
E
CVE-2008-2136 Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and ...
CVE-2008-2137 The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check fu...
E
CVE-2008-2138 Oracle Application Server (OracleAS) Portal 10g allows remote attackers to bypass intended access re...
E
CVE-2008-2139 The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a bro...
CVE-2008-2140 Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform Age...
CVE-2008-2142 Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with o...
E
CVE-2008-2143 Unspecified versions of Microsoft Outlook Web Access (OWA) use the Cache-Control: no-cache HTTP dire...
CVE-2008-2144 Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow rem...
CVE-2008-2145 Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a deni...
CVE-2008-2146 wp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the P...
E S
CVE-2008-2147 Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbit...
CVE-2008-2148 The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 ...
CVE-2008-2149 Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow contex...
E
CVE-2008-2152 Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.o...
CVE-2008-2154 IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 provides an INSTALL_JAR (aka sqlj.install_...
S
CVE-2008-2157 robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows allows remote attackers to execut...
CVE-2008-2158 Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in E...
CVE-2008-2159 Microsoft Internet Explorer 7 can save encrypted pages in the cache even when the DisableCachingOfSS...
CVE-2008-2160 Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image processing in Microsoft Window...
CVE-2008-2161 Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote...
E
CVE-2008-2162 Cross-site scripting (XSS) vulnerability in SonicWall Email Security 6.1.1 allows remote attackers t...
E
CVE-2008-2163 Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX...
S
CVE-2008-2165 Cross-site scripting (XSS) vulnerability in AccessCodeStart.asp in Cisco Building Broadband Service ...
CVE-2008-2166 Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 befo...
S
CVE-2008-2167 Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbit...
E
CVE-2008-2168 Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inje...
E
CVE-2008-2169 Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dro...
CVE-2008-2170 Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (d...
CVE-2008-2171 Unspecified vulnerability in AlaxalA AX routers allows remote attackers to cause a denial of service...
CVE-2008-2172 Unspecified vulnerability in Hitachi GR routers allows remote attackers to cause a denial of service...
CVE-2008-2173 Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dr...
CVE-2008-2174 Multiple unspecified vulnerabilities in Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2....
S
CVE-2008-2175 SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers ...
E
CVE-2008-2176 Cross-site scripting (XSS) vulnerability in admin/category.php in Zomplog 3.8.2 allows remote attack...
CVE-2008-2177 Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, when magic_quotes_gpc is disabl...
E
CVE-2008-2178 Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.7 allows remote attackers to i...
S
CVE-2008-2179 Cross-site scripting (XSS) vulnerability in SystemList.jsp in SysAid 5.1.08 allows remote attackers ...
CVE-2008-2180 Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow rem...
E
CVE-2008-2181 Multiple cross-site scripting (XSS) vulnerabilities in search.php in cpLinks 1.03 allow remote attac...
E
CVE-2008-2182 Cross-site scripting (XSS) vulnerability in the powermail extension before 1.1.10 for TYPO3 allows r...
CVE-2008-2183 SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to ex...
E
CVE-2008-2184 Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 allow remote attackers to execu...
CVE-2008-2185 Directory traversal vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers...
CVE-2008-2186 Cross-site scripting (XSS) vulnerability in index.php in Chilek Content Management System (aka ChiCo...
E
CVE-2008-2187 Cross-site scripting (XSS) vulnerability in mjguest.php in Mjguest 6.7 GT Rev.01 allows remote attac...
E
CVE-2008-2188 Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to i...
E
CVE-2008-2189 SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute ...
E
CVE-2008-2190 SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and ...
E
CVE-2008-2191 SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and earlier for PostNuke allows remot...
E
CVE-2008-2192 Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remo...
E
CVE-2008-2193 PHP remote file inclusion vulnerability in example.php in Thomas Gossmann ScorpNews 2.0 allows remot...
E
CVE-2008-2194 SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier allows remote attackers to exe...
E
CVE-2008-2195 Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and earlier allows remote authent...
E
CVE-2008-2196 Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote attackers to i...
E
CVE-2008-2197 SQL injection vulnerability in the blogwriter module 2.0 for Miniweb allows remote attackers to exec...
E
CVE-2008-2198 PHP remote file inclusion vulnerability in kmitaadmin/kmitat/htmlcode.php in Kmita Tellfriend 2.0 an...
E
CVE-2008-2199 PHP remote file inclusion vulnerability in kmitaadmin/kmitam/htmlcode.php in Kmita Mail 3.0 and earl...
E
CVE-2008-2200 Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4.0 allow remote attackers to in...
CVE-2008-2201 Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Recipe 1.2 allo...
CVE-2008-2202 Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to ...
E
CVE-2008-2203 SQL injection vulnerability in search.php in Maian Search 1.1 allows remote attackers to execute arb...
CVE-2008-2204 Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Search 1.1 allo...
CVE-2008-2205 SQL injection vulnerability in index.php in Maian Music 1.1 allows remote attackers to execute arbit...
CVE-2008-2206 Multiple cross-site scripting (XSS) vulnerabilities in Maian Music 1.1 allow remote attackers to inj...
CVE-2008-2207 Cross-site scripting (XSS) vulnerability in admin/index.php in Maian Gallery 2.0 allows remote attac...
CVE-2008-2208 SQL injection vulnerability in index.php in Maian Greeting 2.1 allows remote attackers to execute ar...
CVE-2008-2209 Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Greeting 2.1 al...
CVE-2008-2210 Multiple cross-site scripting (XSS) vulnerabilities in Maian Support 1.3 allow remote attackers to i...
CVE-2008-2211 Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Guestbook 3.2 a...
CVE-2008-2212 Multiple cross-site scripting (XSS) vulnerabilities in Maian Cart 1.1 allow remote attackers to inje...
CVE-2008-2213 Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Links 3.1 allow...
CVE-2008-2214 Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier al...
S
CVE-2008-2215 Multiple directory traversal vulnerabilities in Project-Based Calendaring System (PBCS) 0.7.1-1 allo...
E
CVE-2008-2216 Unrestricted file upload vulnerability in src/yopy_upload.php in Project-Based Calendaring System (P...
E
CVE-2008-2217 Directory traversal vulnerability in cm/graphie.php in Content Management System 0.6.1 for Phprojekt...
E
CVE-2008-2218 Buffer overflow in the Multimedia PC Client in Nortel Multimedia Communication Server (MCS) before M...
CVE-2008-2219 Cross-site scripting (XSS) vulnerability in install.php in C-News.fr C-News 1.0.1 allows remote atta...
E
CVE-2008-2220 Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Intera...
E
CVE-2008-2221 Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrus...
CVE-2008-2222 SQL injection vulnerability in login.php in EQdkp 1.3.2f allows remote attackers to bypass EQdkp use...
E
CVE-2008-2223 SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers t...
E S
CVE-2008-2224 Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when register_globals is enable...
E
CVE-2008-2225 SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbi...
E
CVE-2008-2226 Unspecified vulnerability in the export feature in OpenKM before 2.0 allows remote attackers to expo...
CVE-2008-2227 Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attacker...
E
CVE-2008-2228 PHP remote file inclusion vulnerability in portfolio/commentaires/derniers_commentaires.php in Cyber...
E
CVE-2008-2230 Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.200...
E
CVE-2008-2231 SQL injection vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode)...
CVE-2008-2232 The expand_template function in afuse.c in afuse 0.2 allows local users to gain privileges via shell...
CVE-2008-2233 The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, allows remote Openwsman servers ...
S
CVE-2008-2234 Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary c...
CVE-2008-2235 OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 direc...
S
CVE-2008-2236 Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom before 2.1.2 allows remote attack...
CVE-2008-2237 Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execu...
S
CVE-2008-2238 Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execut...
S
CVE-2008-2240 Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x ...
S
CVE-2008-2241 Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5...
S
CVE-2008-2242 Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1...
S
CVE-2008-2243 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-2244 Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file tha...
CVE-2008-2245 Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Window...
E S
CVE-2008-2246 Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy ...
S
CVE-2008-2247 Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 al...
E S
CVE-2008-2248 Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 al...
S
CVE-2008-2249 Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vist...
CVE-2008-2250 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP...
S
CVE-2008-2251 Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 S...
S
CVE-2008-2252 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP...
S
CVE-2008-2253 Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute ar...
CVE-2008-2254 Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to ...
S
CVE-2008-2255 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attack...
S
CVE-2008-2256 Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrect...
S
CVE-2008-2257 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, whic...
S
CVE-2008-2258 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, whic...
S
CVE-2008-2259 Microsoft Internet Explorer 6 and 7 does not perform proper "argument validation" during print previ...
CVE-2008-2260 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-2261 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-2262 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-2263 SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote atta...
E
CVE-2008-2264 Cross-site scripting (XSS) vulnerability in index.php in CyrixMED 1.4 allows remote attackers to inj...
E
CVE-2008-2265 SQL injection vulnerability in news.php in EMO Realty Manager allows remote attackers to execute arb...
E
CVE-2008-2266 uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allo...
CVE-2008-2267 Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Mad...
E
CVE-2008-2268 Open redirect vulnerability in interface/redirect.htm.php in Mjguest 6.7 GT Rev.01 allows user-assis...
CVE-2008-2269 AustinSmoke GasTracker (AS-GasTracker) 1.0.0 allows remote attackers to bypass authentication and ga...
E
CVE-2008-2270 Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenloses Linkmanagementscript allow ...
E
CVE-2008-2271 The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authent...
CVE-2008-2272 Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Aruba Mobility Controlle...
CVE-2008-2273 Unspecified vulnerability in the TACACS authentication component in Aruba Mobility Controller 3.1.x,...
CVE-2008-2274 Cross-site scripting (XSS) vulnerability in the sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3...
S
CVE-2008-2275 Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0,...
S
CVE-2008-2276 Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows rem...
E
CVE-2008-2277 SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers ...
E
CVE-2008-2278 SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attac...
E
CVE-2008-2279 Freelance Auction Script 1.0 stores user passwords in plaintext in the tbl_users table, which allows...
E
CVE-2008-2280 Cross-site scripting (XSS) vulnerability in admin/index.php in Script PHP PicEngine 1.0 allows remot...
E
CVE-2008-2281 Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0...
E
CVE-2008-2282 admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote attackers ...
E
CVE-2008-2283 IDAutomation allows remote attackers to overwrite arbitrary files via the argument to the (1) SaveBa...
E
CVE-2008-2284 PHP remote file inclusion vulnerability in fusebox5.php in Fusebox 5.5.1 allows remote attackers to ...
E
CVE-2008-2285 The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lin...
CVE-2008-2286 SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x ...
E S
CVE-2008-2287 Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the in...
S
CVE-2008-2288 Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control ...
S
CVE-2008-2289 Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9...
CVE-2008-2290 Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x ...
CVE-2008-2291 axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates creden...
S
CVE-2008-2292 Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as ...
CVE-2008-2293 admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows remote attackers to bypass authenti...
E
CVE-2008-2294 Pet Grooming Management System 2.0 allows remote attackers to gain privileges via a direct request t...
E
CVE-2008-2295 Cross-site scripting (XSS) vulnerability in rg_search.php in Rgboard 3.0.12, and possibly earlier ve...
E
CVE-2008-2296 PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in Rgboard 3.0.12 allows remote a...
E
CVE-2008-2297 The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by ...
E
CVE-2008-2298 Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges by ...
E
CVE-2008-2299 Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 an...
S
CVE-2008-2300 Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2....
CVE-2008-2301 SQL injection vulnerability in Kostenloses Linkmanagementscript allows remote attackers to execute a...
E
CVE-2008-2302 Cross-site scripting (XSS) vulnerability in the login form in the administration application in Djan...
S
CVE-2008-2303 Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remot...
CVE-2008-2304 Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools b...
E
CVE-2008-2305 Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 1...
S
CVE-2008-2306 Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRIS...
S
CVE-2008-2307 Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before ...
S
CVE-2008-2308 Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms a...
S
CVE-2008-2309 Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted...
S
CVE-2008-2310 Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted att...
S
CVE-2008-2311 Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attack...
S
CVE-2008-2312 Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable ...
S
CVE-2008-2313 Apple Mac OS X before 10.5 uses weak permissions for the User Template directory, which allows local...
CVE-2008-2314 Dock in Apple Mac OS X 10.5 before 10.5.4, when Exposé hot corners is enabled, allows physically pro...
CVE-2008-2315 Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an ...
E
CVE-2008-2316 Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow con...
E
CVE-2008-2317 WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements...
CVE-2008-2318 The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session I...
CVE-2008-2320 Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 throug...
S
CVE-2008-2321 Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attacke...
S
CVE-2008-2322 Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attacke...
S
CVE-2008-2323 Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X 10.5.4 allows attackers to caus...
S
CVE-2008-2324 The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the ema...
CVE-2008-2325 QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or ...
S
CVE-2008-2326 mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for Windows before 1.0.5 allows att...
S
CVE-2008-2327 Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functi...
S
CVE-2008-2329 Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows atta...
S
CVE-2008-2330 slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select ...
S
CVE-2008-2331 Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Inf...
S
CVE-2008-2332 ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to caus...
S
CVE-2008-2333 Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3....
S
CVE-2008-2334 Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arb...
E
CVE-2008-2335 Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 a...
E
CVE-2008-2336 SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execu...
E
CVE-2008-2337 Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow re...
E
CVE-2008-2338 Interspire ActiveKB 1.5 and earlier allows remote attackers to gain privileges by setting the auth c...
E
CVE-2008-2339 SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows rem...
E
CVE-2008-2340 Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitra...
E
CVE-2008-2341 PHP remote file inclusion vulnerability in ch_readalso.php in News Manager 2.0 allows remote attacke...
E
CVE-2008-2342 Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote attackers to ...
E
CVE-2008-2343 News Manager 2.0 allows remote attackers to bypass restrictions and obtain sensitive information via...
E
CVE-2008-2344 Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO...
CVE-2008-2345 Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote...
S
CVE-2008-2346 AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administra...
E
CVE-2008-2347 MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain administrativ...
E
CVE-2008-2348 MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new ...
E
CVE-2008-2349 Zomplog 3.8.2 and earlier allows remote attackers to gain administrative access by creating an admin...
E
CVE-2008-2350 Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attac...
E
CVE-2008-2351 Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to ...
E
CVE-2008-2352 Directory traversal vulnerability in index.php in Smeego 1.0, when magic_quotes_gpc is disabled, all...
E
CVE-2008-2353 Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 and earlier allows remote atta...
E
CVE-2008-2354 Unspecified vulnerability in the data export function in testMaker before 3.0p10 allows test authors...
S
CVE-2008-2355 Directory traversal vulnerability in index.php in WR-Meeting 1.0, when magic_quotes_gpc is disabled,...
E
CVE-2008-2356 SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attac...
E
CVE-2008-2357 Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked...
E
CVE-2008-2358 Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Cont...
CVE-2008-2359 The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lack...
CVE-2008-2360 Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org ...
S
CVE-2008-2361 Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 ...
S
CVE-2008-2362 Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow contex...
S
CVE-2008-2363 The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for Parts...
S
CVE-2008-2364 The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apach...
S
CVE-2008-2365 Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in...
S
CVE-2008-2366 Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x...
CVE-2008-2367 Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified oth...
CVE-2008-2368 Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wi...
CVE-2008-2369 manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, wh...
CVE-2008-2370 Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDi...
E S
CVE-2008-2371 Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) librar...
E
CVE-2008-2372 The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (...
CVE-2008-2373 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2863. Reason: This candida...
R
CVE-2008-2374 src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 ...
E
CVE-2008-2375 Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL...
E
CVE-2008-2376 Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context...
CVE-2008-2377 Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_hand...
E S
CVE-2008-2378 Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privi...
S
CVE-2008-2379 Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to in...
CVE-2008-2380 SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin loc...
S
CVE-2008-2381 SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForg...
CVE-2008-2382 The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KV...
E
CVE-2008-2383 CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands v...
CVE-2008-2384 SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql...
S
CVE-2008-2388 Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack v...
CVE-2008-2389 opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack....
CVE-2008-2390 Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute me...
E
CVE-2008-2391 SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consum...
CVE-2008-2392 Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticat...
CVE-2008-2393 SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to exec...
E
CVE-2008-2394 Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbi...
E
CVE-2008-2395 SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta and earlier allows remote atta...
E
CVE-2008-2396 PHP remote file inclusion vulnerability in index.php in Wajox Software microSSys CMS 1.5 and earlier...
E
CVE-2008-2397 Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers...
CVE-2008-2398 Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier all...
E
CVE-2008-2399 Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remo...
E
CVE-2008-2400 Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local...
CVE-2008-2401 The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers t...
CVE-2008-2402 The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive informat...
S
CVE-2008-2403 Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Serv...
S
CVE-2008-2404 Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (...
S
CVE-2008-2405 Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary ...
CVE-2008-2406 The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allo...
CVE-2008-2407 Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian before 3.1.10.0 allows user-assi...
S
CVE-2008-2408 Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian...
S
CVE-2008-2409 Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to ...
S
CVE-2008-2410 Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server s...
CVE-2008-2411 SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magic_quotes_gpc is disa...
E
CVE-2008-2412 SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute a...
E
CVE-2008-2413 Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers...
E
CVE-2008-2414 Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote a...
CVE-2008-2415 Directory traversal vulnerability in template/purpletech/base_include.php in DigitalHive (aka hive) ...
E
CVE-2008-2416 SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary...
E
CVE-2008-2417 SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers t...
E
CVE-2008-2418 Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to ca...
CVE-2008-2419 Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and a...
E
CVE-2008-2420 The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists ...
S
CVE-2008-2421 Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web Application Server (WAS) 7.0, Web...
E
CVE-2008-2422 SQL injection vulnerability in index.php in Web Slider 0.6 allows remote attackers to execute arbitr...
E
CVE-2008-2423 Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to ca...
CVE-2008-2424 Unspecified vulnerability in the 404 error page for the "Standard demo" in Interchange before 5.6.0 ...
S
CVE-2008-2425 SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary...
CVE-2008-2426 Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attac...
CVE-2008-2427 Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on...
E
CVE-2008-2428 Multiple SQL injection vulnerabilities in TorrentTrader 1.08 Classic allow remote attackers to execu...
CVE-2008-2429 Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to ex...
CVE-2008-2430 Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows a...
CVE-2008-2431 Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbi...
CVE-2008-2432 Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell ...
CVE-2008-2433 The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5...
S
CVE-2008-2434 The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows...
CVE-2008-2435 Use-after-free vulnerability in the Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278...
CVE-2008-2436 Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPr...
S
CVE-2008-2437 Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and ...
S
CVE-2008-2438 Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53...
S
CVE-2008-2439 Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Li...
S
CVE-2008-2441 Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, a...
CVE-2008-2443 SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execut...
E
CVE-2008-2444 SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to exe...
E
CVE-2008-2445 Cross-site scripting (XSS) vulnerability in profile.php in Web Group Communication Center (WGCC) 1.0...
E
CVE-2008-2446 Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 a...
E
CVE-2008-2447 SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13...
E
CVE-2008-2448 Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote attackers to execute arbitrary...
E
CVE-2008-2449 Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan phpInstantGallery 2.0 allow rem...
E
CVE-2008-2450 Multiple cross-site scripting (XSS) vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2...
CVE-2008-2451 Multiple SQL injection vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier ...
CVE-2008-2452 Cross-site scripting (XSS) vulnerability in the Questionaire (aka pbsurvey) extension 1.2.0 and earl...
CVE-2008-2453 Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute a...
E
CVE-2008-2454 SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! all...
E
CVE-2008-2455 SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows rem...
E
CVE-2008-2456 SQL injection vulnerability in index.php in ComicShout 2.5 and earlier allows remote attackers to ex...
E
CVE-2008-2457 SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 allows remote attackers to exe...
E
CVE-2008-2458 Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and earlier ...
E
CVE-2008-2459 Directory traversal vulnerability in page.php in EntertainmentScript 1.4.0 allows remote attackers t...
E
CVE-2008-2460 SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows remote attackers to execute ar...
E
CVE-2008-2461 SQL injection vulnerability in index.php in Netious CMS 0.4 allows remote attackers to execute arbit...
E
CVE-2008-2462 Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin befor...
CVE-2008-2463 The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in ...
E
CVE-2008-2464 The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when I...
E
CVE-2008-2468 Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, S...
S
CVE-2008-2469 Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 befo...
E S
CVE-2008-2470 The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cau...
S
CVE-2008-2474 Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 a...
CVE-2008-2475 eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attac...
S
CVE-2008-2476 The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBS...
CVE-2008-2477 SQL injection vulnerability in index.php in MxBB (aka MX-System) Portal 2.7.3 allows remote attacker...
E
CVE-2008-2478 scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote a...
E
CVE-2008-2479 Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL...
E
CVE-2008-2480 PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allow...
E
CVE-2008-2481 PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb3.functions.php in phpRaider 1...
E
CVE-2008-2482 Directory traversal vulnerability in install_mod.php in insanevisions OneCMS 2.5 allows remote attac...
E
CVE-2008-2483 Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 allows remote attackers to in...
E
CVE-2008-2484 SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled,...
E
CVE-2008-2485 Cross-site scripting (XSS) vulnerability in the URL redirection script (inc/url_redirection.inc.php)...
CVE-2008-2486 Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to...
CVE-2008-2487 SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to exec...
E
CVE-2008-2488 admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows r...
E
CVE-2008-2489 SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 an...
S
CVE-2008-2490 Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (aka kj_imagelightbox2) extensio...
S
CVE-2008-2491 SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows remote attackers to execute arbit...
E
CVE-2008-2492 Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execut...
E
CVE-2008-2493 Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus Bulletin Board 3.4 allows remot...
E
CVE-2008-2494 Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inj...
CVE-2008-2495 Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to have an un...
CVE-2008-2496 Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inj...
E
CVE-2008-2497 CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP ...
S
CVE-2008-2498 Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is ...
S
CVE-2008-2499 Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotu...
E
CVE-2008-2500 Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor (MOStlyCE) component before 3.0...
S
CVE-2008-2501 Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remote attackers to execute arbitra...
E
CVE-2008-2502 Unspecified vulnerability in the web server in eMule X-Ray before 1.4 allows remote attackers to tri...
S
CVE-2008-2503 Buffer overflow in Uploadlist in eMule X-Ray before 1.4 has unknown impact and remote attack vectors...
CVE-2008-2504 Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 through 4 allow remote attackers to...
E
CVE-2008-2505 Cross-site scripting (XSS) vulnerability in result.php in Simpel Side Weblosning 1 through 4 allows ...
E
CVE-2008-2506 Multiple SQL injection vulnerabilities in Simpel Side Weblosning 1 through 4 allow remote attackers ...
E
CVE-2008-2507 Cross-site scripting (XSS) vulnerability in Calcium40.pl in Brown Bear Software Calcium 3.10 and 4.0...
E
CVE-2008-2508 Cross-site scripting (XSS) vulnerability in news.php in Tr Script News 2.1 allows remote attackers t...
E
CVE-2008-2509 SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary...
CVE-2008-2510 SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remo...
CVE-2008-2511 Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) Acti...
E
CVE-2008-2512 Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 a...
S
CVE-2008-2513 Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary c...
S
CVE-2008-2514 Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unkn...
CVE-2008-2515 Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileg...
S
CVE-2008-2516 pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not properly consider operator precede...
CVE-2008-2517 The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command lin...
E
CVE-2008-2518 Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.j...
S
CVE-2008-2519 Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to cre...
E S
CVE-2008-2520 Multiple PHP remote file inclusion vulnerabilities in BigACE 2.4, when register_globals is enabled, ...
E S
CVE-2008-2521 SQL injection vulnerability in members.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2...
E
CVE-2008-2522 SQL injection vulnerability in members.php in Battle.net Clan Script for PHP 1.5.3 and earlier, when...
E
CVE-2008-2523 SQL injection vulnerability in the Autopatcher server plugin in RakNet before 3.23 allows remote att...
CVE-2008-2524 BlogPHP 2.0 allows remote attackers to bypass authentication, and post (1) messages or (2) comments ...
CVE-2008-2525 Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1...
S
CVE-2008-2526 Cross-site scripting (XSS) vulnerability in the WT Gallery (aka wt_gallery) extension 2.6.2 and earl...
S
CVE-2008-2527 Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and...
CVE-2008-2528 Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced E...
S
CVE-2008-2529 SQL injection vulnerability in read.php in Advanced Links Management (ALM) 1.5.2 allows remote attac...
E
CVE-2008-2530 Multiple SQL injection vulnerabilities in Concepts & Solutions QuickUpCMS allow remote attackers to ...
E
CVE-2008-2531 Cross-site scripting (XSS) vulnerability in the search script in Build A Niche Store (BANS) 3.0 allo...
CVE-2008-2532 SQL injection vulnerability in forum/topic_detail.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows...
E
CVE-2008-2533 Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow...
E
CVE-2008-2534 Directory traversal vulnerability in admin/admin_frame.php in Phoenix View CMS Pre Alpha2 and earlie...
E
CVE-2008-2535 Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attac...
E
CVE-2008-2536 SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlie...
E
CVE-2008-2537 SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arb...
E
CVE-2008-2538 Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, all...
CVE-2008-2539 The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlyin...
CVE-2008-2540 Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading a...
S
CVE-2008-2541 Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure ...
S
CVE-2008-2542 Stack-based buffer overflow in the getline function in Ppm/ppm.C in NASA Ames Research Center BigVie...
CVE-2008-2543 The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4...
CVE-2008-2544 Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could b...
E
CVE-2008-2545 Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking...
S
CVE-2008-2546 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1805. Reason: This candida...
R
CVE-2008-2547 Stack-based buffer overflow in msiexec.exe 3.1.4000.1823 and 4.5.6001.22159 in Microsoft Windows Ins...
E
CVE-2008-2548 Stack-based buffer overflow in the JPEG thumbprint component in the EXIF parser on Motorola cell pho...
CVE-2008-2549 Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial ...
E
CVE-2008-2550 Unspecified vulnerability in the Web Services Security component in IBM WebSphere Application Server...
CVE-2008-2551 The DownloaderActiveX Control (DownloaderActiveX.ocx) in Icona SpA C6 Messenger 1.0.0.1 allows remot...
E
CVE-2008-2552 Unspecified vulnerability in the Service Tag Registry on Sun Solaris 10, and Sun Service Tag before ...
S
CVE-2008-2553 Cross-site scripting (XSS) vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (a...
CVE-2008-2554 Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQ...
E
CVE-2008-2555 SQL injection vulnerability in index.php in EasyWay CMS allows remote attackers to execute arbitrary...
E
CVE-2008-2556 SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and earlier allows remote attackers...
E
CVE-2008-2557 Cross-site scripting (XSS) vulnerability in CRE Loaded 6.2.13.1 and earlier allows remote attackers ...
CVE-2008-2558 CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute for cookies that are sent over H...
CVE-2008-2559 Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows remote attackers to execute arbitr...
E
CVE-2008-2560 SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitr...
E
CVE-2008-2561 Multiple cross-site scripting (XSS) vulnerabilities in 427BB 2.3.1 allow remote attackers to inject ...
E
CVE-2008-2562 SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authentica...
E
CVE-2008-2563 Multiple cross-site scripting (XSS) vulnerabilities in (1) dsp_main.php and (2) dsp_task_editor.php ...
CVE-2008-2564 SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Jooml...
E
CVE-2008-2565 Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers ...
E
CVE-2008-2566 Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and earlier allow remo...
E
CVE-2008-2567 Cross-site scripting (XSS) vulnerability in Fenriru Sleipnir 2.7.1 Release2 and earlier, Portable Sl...
S
CVE-2008-2568 SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for...
E
CVE-2008-2569 SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote a...
E
CVE-2008-2570 Multiple unspecified vulnerabilities in LimeSurvey (formerly PHPSurveyor) before 1.71 have unknown i...
CVE-2008-2571 Cross-site request forgery (CSRF) vulnerability in LimeSurvey (formerly PHPSurveyor) before 1.71 all...
S
CVE-2008-2572 SQL injection vulnerability in php/leer_comentarios.php in FlashBlog allows remote attackers to exec...
E
CVE-2008-2573 Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute a...
E
CVE-2008-2574 Unrestricted file upload vulnerability in admin/Editor/imgupload.php in FlashBlog 0.31 beta allows r...
E
CVE-2008-2575 cbrPager before 0.9.17 allows user-assisted remote attackers to execute arbitrary commands via shell...
E S
CVE-2008-2576 Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0...
CVE-2008-2577 Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has u...
CVE-2008-2578 Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 and 9.2 ...
CVE-2008-2579 Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers compone...
CVE-2008-2580 Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2...
CVE-2008-2581 Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2...
CVE-2008-2582 Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2...
CVE-2008-2583 Unspecified vulnerability in the sample Discussion Forum Portlet for the Oracle Portal component in ...
CVE-2008-2584 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-2585 Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 h...
CVE-2008-2586 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2008-2587 Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9....
CVE-2008-2588 Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 a...
CVE-2008-2589 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1....
CVE-2008-2590 Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enter...
CVE-2008-2591 Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2....
CVE-2008-2592 Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9....
CVE-2008-2593 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 1...
CVE-2008-2594 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 1...
CVE-2008-2595 Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9....
E
CVE-2008-2596 Unspecified vulnerability in the Mobile Application Server component in Oracle E-Business Suite 12.0...
CVE-2008-2597 Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Data...
CVE-2008-2598 Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Data...
CVE-2008-2599 Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Data...
CVE-2008-2600 Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and...
CVE-2008-2601 Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unkno...
CVE-2008-2602 Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1...
CVE-2008-2603 Unspecified vulnerability in the Resource Manager component in Oracle Database 10.1.0.5, 10.2.0.4, a...
CVE-2008-2604 Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown im...
CVE-2008-2605 Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown im...
CVE-2008-2606 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2008-2607 Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 1...
CVE-2008-2608 Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5 and 10.2.0.3 has un...
CVE-2008-2609 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1....
CVE-2008-2610 Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business...
CVE-2008-2611 Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2...
CVE-2008-2612 Unspecified vulnerability in the Hyperion BI Plus component in Oracle Application Server 8.3.2.4, 8....
CVE-2008-2613 Unspecified vulnerability in the Database Scheduler component in Oracle Database 10.2.0.4 and 11.1.0...
CVE-2008-2614 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 9.0.4.3, ...
CVE-2008-2615 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-2616 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-2617 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-2618 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-2619 Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0...
CVE-2008-2620 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-2621 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-2622 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-2623 Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 a...
CVE-2008-2624 Unspecified vulnerability in the Oracle OLAP component in Oracle Database 10.1.0.5 allows remote aut...
CVE-2008-2625 Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0....
CVE-2008-2626 SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers t...
E
CVE-2008-2627 SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a compon...
E
CVE-2008-2628 SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote a...
E
CVE-2008-2629 SQL injection vulnerability in the LifeType (formerly pLog) module for Drupal allows remote attacker...
E
CVE-2008-2630 SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attac...
E
CVE-2008-2631 The WordClient interface in Alt-N Technologies MDaemon 9.6.5 allows remote attackers to cause a deni...
CVE-2008-2632 SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! al...
E
CVE-2008-2633 Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla...
E
CVE-2008-2634 SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier all...
E
CVE-2008-2635 Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers t...
CVE-2008-2636 The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause ...
CVE-2008-2637 Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possi...
CVE-2008-2638 Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attack...
E
CVE-2008-2639 Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFaci...
E
CVE-2008-2640 Multiple cross-site scripting (XSS) vulnerabilities in the Flex 3 History Management feature in Adob...
E S
CVE-2008-2641 Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allo...
S
CVE-2008-2642 SQL injection vulnerability in login.php in OtomiGenX 2.2 allows remote attackers to execute arbitra...
CVE-2008-2643 SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! ...
E
CVE-2008-2644 Multiple cross-site scripting (XSS) vulnerabilities in SMEWeb 1.4b and 1.4f allow remote attackers t...
E
CVE-2008-2645 Multiple PHP remote file inclusion vulnerabilities in Brim (formerly Booby) 1.0.1 allow remote attac...
E
CVE-2008-2646 Multiple cross-site scripting (XSS) vulnerabilities in meBiblio 0.4.7 allow remote attackers to inje...
E
CVE-2008-2647 SQL injection vulnerability in admin/journal_change_mask.inc.php in meBiblio 0.4.7 allows remote att...
E
CVE-2008-2648 Unrestricted file upload vulnerability in upload/uploader.html in meBiblio 0.4.7 allows remote attac...
E
CVE-2008-2649 Multiple PHP remote file inclusion vulnerabilities in DesktopOnNet 3 Beta allow remote attackers to ...
E
CVE-2008-2650 Directory traversal vulnerability in cmsimple/cms.php in CMSimple 3.1, when register_globals is enab...
E
CVE-2008-2651 SQL injection vulnerability in the Joomla! Bulletin Board (aka Joo!BB or com_joobb) component 0.5.9 ...
E
CVE-2008-2652 Multiple SQL injection vulnerabilities in catalog.php in SMEWeb 1.4b and 1.4f allow remote attackers...
E
CVE-2008-2654 Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow ...
E S
CVE-2008-2660 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2008-2662 Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before...
S
CVE-2008-2663 Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8....
S
CVE-2008-2664 The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p2...
S
CVE-2008-2665 Directory traversal vulnerability in the posix_access function in PHP 5.2.6 and earlier allows remot...
E
CVE-2008-2666 Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attack...
CVE-2008-2667 SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60....
CVE-2008-2668 Multiple cross-site scripting (XSS) vulnerabilities in yBlog 0.2.2.2 allow remote attackers to injec...
E
CVE-2008-2669 Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary ...
E
CVE-2008-2670 Multiple SQL injection vulnerabilities in index.php in Insanely Simple Blog 0.5 allow remote attacke...
E
CVE-2008-2671 SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute ar...
E
CVE-2008-2672 Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and earlier, when register_globals...
E
CVE-2008-2673 SQL injection vulnerability in index.php in Powie pNews 2.08 and 2.10, when magic_quotes_gpc is disa...
E
CVE-2008-2674 Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Applic...
CVE-2008-2675 Cross-site scripting (XSS) vulnerability in index.php in PHP Image Gallery allows remote attackers t...
CVE-2008-2676 SQL injection vulnerability in the iJoomla News Portal (com_news_portal) component 1.0 and earlier f...
E
CVE-2008-2677 Cross-site scripting (XSS) vulnerability in edit1.php in Telephone Directory 2008 allows remote atta...
E
CVE-2008-2678 Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disable...
E
CVE-2008-2679 SQL injection vulnerability in the KeyWordsList function in _includes/inc_routines.asp in Realm CMS ...
E
CVE-2008-2680 Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp in Realm CMS 2.3 and earlier ...
E
CVE-2008-2681 Realm CMS 2.3 and earlier allows remote attackers to obtain sensitive information via a direct reque...
E
CVE-2008-2682 _RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attackers to bypass authentication ...
E
CVE-2008-2683 The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows rem...
E
CVE-2008-2684 The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows rem...
E
CVE-2008-2685 SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote att...
CVE-2008-2686 webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and earlier allows remote attackers to execute arb...
E
CVE-2008-2687 Directory traversal vulnerability in inc/config.php in ProManager 0.73 allows remote attackers to in...
E
CVE-2008-2688 SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execut...
E
CVE-2008-2689 PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote atta...
E
CVE-2008-2690 Multiple PHP remote file inclusion vulnerabilities in BrowserCRM 5.002.00, when register_globals is ...
CVE-2008-2691 SQL injection vulnerability in read.asp in JiRo's FAQ Manager eXperience 1.0 allows remote attackers...
E
CVE-2008-2692 SQL injection vulnerability in the yvComment (com_yvcomment) component 1.16.0 and earlier for Joomla...
E
CVE-2008-2693 Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Bla...
E
CVE-2008-2694 Cross-site scripting (XSS) vulnerability in search.php in phpInv 0.8.0 allows remote attackers to in...
E
CVE-2008-2695 Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows remote attackers to include an...
E
CVE-2008-2696 Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and ap...
E
CVE-2008-2697 SQL injection vulnerability in the Rapid Recipe (com_rapidrecipe) component 1.6.6 and 1.6.7 for Joom...
E
CVE-2008-2698 Multiple cross-site scripting (XSS) vulnerabilities in photo_add-c.php (aka the "add comment" sectio...
CVE-2008-2699 Multiple directory traversal vulnerabilities in Galatolo WebManager (GWM) 1.0 allow remote attackers...
E
CVE-2008-2700 SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attacke...
E
CVE-2008-2701 SQL injection vulnerability in the GameQ (com_gameq) component 4.0 and earlier for Joomla! allows re...
E
CVE-2008-2702 Directory traversal vulnerability in the FTP client in ALTools ESTsoft ALFTP 4.1 beta 2 and 5.0 allo...
E
CVE-2008-2703 Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 f...
S
CVE-2008-2704 Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial...
E S
CVE-2008-2705 Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain version...
CVE-2008-2706 Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to c...
CVE-2008-2707 Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and OpenSolaris before snv_93 allow...
CVE-2008-2708 Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun ...
CVE-2008-2709 Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module on IBM OS/400 V5R4M0, V5R4M5, a...
CVE-2008-2710 Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/i...
E
CVE-2008-2711 fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to ca...
CVE-2008-2712 Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary comm...
CVE-2008-2713 libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via ...
E
CVE-2008-2714 Opera before 9.26 allows remote attackers to misrepresent web page addresses using "certain characte...
S
CVE-2008-2715 Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images vi...
S
CVE-2008-2716 Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trust...
S
CVE-2008-2717 TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restric...
CVE-2008-2718 Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 4.0.x before 4.0.9, 4.1.x befor...
CVE-2008-2719 Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-...
CVE-2008-2720 Cross-site scripting (XSS) vulnerability in Menalto Gallery before 2.2.5 allows remote attackers to ...
CVE-2008-2721 Unspecified vulnerability in the album-select module in Menalto Gallery before 2.2.5 allows remote a...
S
CVE-2008-2722 Menalto Gallery before 2.2.5 allows remote attackers to bypass permissions for sub-albums via a ZIP ...
CVE-2008-2723 embed.php in Menalto Gallery before 2.2.5 allows remote attackers to obtain the full path via unknow...
CVE-2008-2724 Menalto Gallery before 2.2.5 does not enforce permissions for non-album items that have been protect...
CVE-2008-2725 Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p23...
S
CVE-2008-2726 Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p23...
S
CVE-2008-2727 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2725. Reason: This candida...
R
CVE-2008-2728 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2726. Reason: This candida...
R
CVE-2008-2729 arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase d...
CVE-2008-2730 The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manage...
S
CVE-2008-2732 Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive S...
CVE-2008-2733 Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14...
CVE-2008-2734 Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 ...
CVE-2008-2735 The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 ...
CVE-2008-2736 Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16...
CVE-2008-2737 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3558. Reason: This candida...
R
CVE-2008-2739 The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4...
CVE-2008-2742 Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcp...
E
CVE-2008-2743 Cross-site scripting (XSS) vulnerability in the embedded web server in Xerox 4110, 4590, and 4595 Co...
CVE-2008-2744 Cross-site scripting (XSS) vulnerability in vBulletin 3.6.10 and 3.7.1 allows remote attackers to in...
E
CVE-2008-2745 Stack-based buffer overflow in BiAnno ActiveX Control (BiAnno.ocx) in Black Ice Software Annotation ...
E
CVE-2008-2746 SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute...
E
CVE-2008-2747 No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vital...
CVE-2008-2748 Skulltag 0.97d2-RC2 and earlier allows remote attackers to cause a denial of service (daemon hang) v...
CVE-2008-2749 Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calen...
S
CVE-2008-2750 The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 al...
S
CVE-2008-2751 Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish webadmin interface in Sun Java ...
CVE-2008-2752 Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which a...
E
CVE-2008-2753 Multiple SQL injection vulnerabilities in Pooya Site Builder (PSB) 6.0 allow remote attackers to exe...
E
CVE-2008-2754 SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, when magic_quotes_gpc is disa...
E
CVE-2008-2755 SQL injection vulnerability in index.php in JAMM CMS allows remote attackers to execute arbitrary SQ...
E
CVE-2008-2756 Cross-site scripting (XSS) vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 a...
E
CVE-2008-2757 SQL injection vulnerability in search.asp in Xigla Absolute News Manager XE 3.2 allows remote authen...
E
CVE-2008-2758 Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute News Manager XE 3.2 allow remo...
E
CVE-2008-2759 Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Form Processor XE 4.0 allow re...
E
CVE-2008-2760 SQL injection vulnerability in searchbanners.asp in Xigla Absolute Banner Manager XE 2.0 allows remo...
E
CVE-2008-2761 Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Banner Manager XE 2.0 allow re...
E
CVE-2008-2762 SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote auth...
E
CVE-2008-2763 SQL injection vulnerability in search.asp in Xigla Absolute Live Support XE 5.1 allows remote authen...
E
CVE-2008-2764 Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Absolute Live Support XE 5.1 a...
E
CVE-2008-2765 SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attacker...
E
CVE-2008-2766 Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Gallery XE allows remote attackers ...
E
CVE-2008-2767 SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users...
E
CVE-2008-2768 Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Poll Manager XE allows remote ...
E
CVE-2008-2769 PHP remote file inclusion vulnerability in authentication/smf/smf.functions.php in Simple Machines p...
CVE-2008-2770 SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows ...
E
CVE-2008-2771 The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly imp...
S
CVE-2008-2772 The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP...
S
CVE-2008-2773 Cross-site scripting (XSS) vulnerability in the Taxonomy Image module 5.x before 5.x-1.3 and 6.x bef...
S
CVE-2008-2774 SQL injection vulnerability in item.php in CartKeeper CKGold Shopping Cart 2.5 and 2.7 allows remote...
E
CVE-2008-2775 SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to execute a...
CVE-2008-2776 Cross-site scripting (XSS) vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers...
CVE-2008-2777 Cross-site scripting (XSS) vulnerability in Ortro before 1.3.1 allows remote attackers to inject arb...
CVE-2008-2778 SQL injection vulnerability in inc/class_search.php in the Search System in RevokeBB 1.0 RC11 allows...
E
CVE-2008-2779 Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP P...
E
CVE-2008-2780 The Anubis (aka Anubis+Ripe160) plugin before 1.3 for encrypt stores the unencrypted file's size in ...
CVE-2008-2781 SQL injection vulnerability in index.php in DZOIC Handshakes 3.5 allows remote attackers to execute ...
CVE-2008-2782 Multiple directory traversal vulnerabilities in OtomiGenX 2.2 allow remote attackers to include and ...
E
CVE-2008-2783 Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, a...
E
CVE-2008-2784 The smtp_filter function in spamdyke before 3.1.8 does not filter RCPT commands after encountering t...
CVE-2008-2785 Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey bef...
S
CVE-2008-2786 Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack o...
CVE-2008-2787 Cross-site scripting (XSS) vulnerability in out.php in OpenDocMan 1.2.5 allows remote attackers to i...
E S
CVE-2008-2788 Cross-site scripting (XSS) vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to...
S
CVE-2008-2789 SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbit...
E
CVE-2008-2790 SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to...
E S
CVE-2008-2791 SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Scrip...
E
CVE-2008-2792 SQL injection vulnerability in index.php in eroCMS 1.4 and earlier allows remote attackers to execut...
E
CVE-2008-2793 SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to ...
E
CVE-2008-2794 Unspecified vulnerability in the GUI in Symantec Altiris Notification Server Agent 6.x before 6.0 SP...
S
CVE-2008-2795 Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdi...
E
CVE-2008-2796 SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary...
E
CVE-2008-2797 Cross-site scripting (XSS) vulnerability in MainLayout.do in ManageEngine OpUtils 5.0 allows remote ...
CVE-2008-2798 Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and ea...
CVE-2008-2799 Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and ea...
CVE-2008-2800 Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Sam...
CVE-2008-2801 Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, w...
CVE-2008-2802 Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow...
CVE-2008-2803 The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0....
CVE-2008-2804 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2800. Reason: This candida...
R
CVE-2008-2805 Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the uplo...
CVE-2008-2806 Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to by...
CVE-2008-2807 Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .prope...
CVE-2008-2808 Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// U...
CVE-2008-2809 Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions be...
CVE-2008-2810 Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of ...
CVE-2008-2811 The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier...
CVE-2008-2812 The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users...
S
CVE-2008-2813 Directory traversal vulnerability in index.php in WallCity-Server Shoutcast Admin Panel 2.0, when ma...
E
CVE-2008-2814 Cross-site scripting (XSS) vulnerability in WallCity-Server Shoutcast Admin Panel 2.0 allows remote ...
CVE-2008-2815 SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote attackers to execut...
E
CVE-2008-2816 SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin Board) 2.0 allows remote attac...
E
CVE-2008-2817 SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attac...
E
CVE-2008-2818 Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remote attackers to include and exe...
E
CVE-2008-2819 SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL edition...
CVE-2008-2820 Directory traversal vulnerability in lang/lang-system.php in Open Azimyt CMS 0.22 minimal and 0.21 s...
E S
CVE-2008-2821 Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows...
E
CVE-2008-2822 Multiple directory traversal vulnerabilities in the FTP client in 3D-FTP Client 8.01 (8.0 build 1) a...
E
CVE-2008-2823 SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and ea...
E
CVE-2008-2824 Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7...
S
CVE-2008-2825 Cross-site scripting (XSS) vulnerability in the embedded Web Server in Xerox WorkCentre M123, M128, ...
S
CVE-2008-2826 Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream ...
CVE-2008-2827 The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before perf...
E
CVE-2008-2828 Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) an...
CVE-2008-2829 php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-...
S
CVE-2008-2830 Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and some other 10.4 and 10.5 versi...
E
CVE-2008-2831 Multiple cross-site scripting (XSS) vulnerabilities in the delegated spam management feature in the ...
CVE-2008-2832 Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 ...
E
CVE-2008-2833 admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authenti...
E
CVE-2008-2834 SQL injection vulnerability in projects.php in Scientific Image DataBase 0.41 allows remote attacker...
E
CVE-2008-2835 SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute a...
E
CVE-2008-2836 PHP remote file inclusion vulnerability in send_reminders.php in WebCalendar 1.0.4 allows remote att...
E
CVE-2008-2837 SQL injection vulnerability in index.php in CMS-BRD allows remote attackers to execute arbitrary SQL...
E
CVE-2008-2838 Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arb...
E
CVE-2008-2839 Cross-site scripting (XSS) vulnerability in the search module in Traindepot 0.1 allows remote attack...
E
CVE-2008-2840 Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to ...
S
CVE-2008-2841 Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is u...
E
CVE-2008-2842 Cross-site scripting (XSS) vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allo...
E
CVE-2008-2843 Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to ex...
E
CVE-2008-2844 SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execut...
E
CVE-2008-2845 SQL injection vulnerability in index.php in MyBizz-Classifieds allows remote attackers to execute ar...
E
CVE-2008-2846 SQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execu...
E
CVE-2008-2847 SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to ex...
E
CVE-2008-2848 Cross-site scripting (XSS) vulnerability in the search functionality in MindTouch DekiWiki before 8....
CVE-2008-2849 Cross-site scripting (XSS) vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allo...
CVE-2008-2850 SQL injection vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote att...
S
CVE-2008-2851 Multiple buffer overflows in OFF System before 0.19.14 allow remote attackers to have an unknown imp...
S
CVE-2008-2852 Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based brow...
S
CVE-2008-2853 SQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arb...
E
CVE-2008-2854 Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to exec...
E
CVE-2008-2855 Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to in...
E
CVE-2008-2856 SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitra...
E
CVE-2008-2857 AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows...
E
CVE-2008-2858 SQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitr...
CVE-2008-2859 Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attacke...
CVE-2008-2860 SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attacke...
E
CVE-2008-2861 Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earli...
E
CVE-2008-2862 Multiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remo...
E
CVE-2008-2863 Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote...
E
CVE-2008-2864 eLineStudio Site Composer (ESC) 2.6 and earlier allows remote attackers to obtain sensitive informat...
E
CVE-2008-2865 SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attack...
E
CVE-2008-2866 SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows rem...
E
CVE-2008-2867 SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to ex...
E
CVE-2008-2868 SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remot...
E
CVE-2008-2869 SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arb...
E
CVE-2008-2870 Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitr...
E
CVE-2008-2871 Multiple cross-site scripting (XSS) vulnerabilities in template2.php in PEGames allow remote attacke...
CVE-2008-2872 SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to...
E
CVE-2008-2873 sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access...
E
CVE-2008-2874 SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attacker...
E
CVE-2008-2875 SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute ...
E
CVE-2008-2876 Directory traversal vulnerability in index.php in mUnky 0.0.1 allows remote attackers to include and...
E
CVE-2008-2877 PHP remote file inclusion vulnerability in admin/include/lib.module.php in cmsWorks 2.2 RC4, when re...
E
CVE-2008-2878 Open redirect vulnerability in rss_getfile.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2....
E
CVE-2008-2879 Benja CMS 0.1 does not require authentication for access to admin/, which allows remote attackers to...
E
CVE-2008-2880 Heap-based buffer overflow in the IBM AFP Viewer Plug-in 2.0.7.1 and 3.2.1.1 allows remote attackers...
S
CVE-2008-2881 Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, whic...
E
CVE-2008-2882 upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which all...
E
CVE-2008-2883 PHP remote file inclusion vulnerability in include/plugins/jrBrowser/payment.php in Jamroom 3.3.0 th...
E
CVE-2008-2884 PHP remote file inclusion vulnerability in display.php in RSS-aggregator allows remote attackers to ...
E
CVE-2008-2885 PHP remote file inclusion vulnerability in src/browser/resource/categories/resource_categories_view....
E
CVE-2008-2886 PHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 t...
E S
CVE-2008-2887 Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers...
E
CVE-2008-2888 Multiple PHP remote file inclusion vulnerabilities in MiGCMS 2.0.5, when register_globals is enabled...
E
CVE-2008-2889 Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote...
S
CVE-2008-2890 Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier al...
E
CVE-2008-2891 SQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows remote attackers to execute ar...
E
CVE-2008-2892 SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote at...
E
CVE-2008-2893 SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attack...
E
CVE-2008-2894 Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows all...
CVE-2008-2895 Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to inc...
E
CVE-2008-2896 Directory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and...
E
CVE-2008-2897 SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execut...
E
CVE-2008-2898 Directory traversal vulnerability in includes/header.php in Hedgehog-CMS 1.21 allows remote attacker...
E
CVE-2008-2899 Unspecified vulnerability in includes/classes/page.php in j00lean-CMS 1.03 has unknown impact and at...
S
CVE-2008-2900 SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitra...
E
CVE-2008-2901 Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remot...
E
CVE-2008-2902 SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote att...
E
CVE-2008-2903 SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7....
E
CVE-2008-2904 SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute ar...
E
CVE-2008-2905 PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package ...
E
CVE-2008-2906 SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute...
E
CVE-2008-2907 SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled,...
E
CVE-2008-2908 Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Cl...
CVE-2008-2909 SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arb...
E
CVE-2008-2910 Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distrib...
E
CVE-2008-2911 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote att...
E S
CVE-2008-2912 Multiple PHP remote file inclusion vulnerabilities in Contenido CMS 4.8.4 allow remote attackers to ...
E S
CVE-2008-2913 Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, a...
E
CVE-2008-2914 SQL injection vulnerability in jobseekers/JobSearch3.php (aka the search module) in PHP JOBWEBSITE P...
E
CVE-2008-2915 Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Jo...
E
CVE-2008-2916 Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is d...
E
CVE-2008-2917 SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute ...
E
CVE-2008-2918 SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote atta...
E
CVE-2008-2919 SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execu...
E
CVE-2008-2920 admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and earlier does not require authe...
E S
CVE-2008-2921 SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and earlier allows remote attackers...
E S
CVE-2008-2922 Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier allows remote attackers to ca...
E
CVE-2008-2923 Cross-site scripting (XSS) vulnerability in read/search/results in Lyris ListManager 8.8, 8.95, and ...
CVE-2008-2924 Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows remote attackers to inject ar...
S
CVE-2008-2925 SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL ...
S
CVE-2008-2926 The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet ...
S
CVE-2008-2927 Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (...
CVE-2008-2928 Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7...
S
CVE-2008-2929 Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server...
S
CVE-2008-2930 Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1...
S
CVE-2008-2931 The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that...
S
CVE-2008-2932 Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of s...
CVE-2008-2933 Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command...
CVE-2008-2934 Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (app...
E
CVE-2008-2935 Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) a...
E S
CVE-2008-2936 Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the ope...
E S
CVE-2008-2937 Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file ...
S
CVE-2008-2938 Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6...
E
CVE-2008-2939 Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63...
CVE-2008-2940 The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users t...
CVE-2008-2941 The hpssd message parser in hpssd.py in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local use...
S
CVE-2008-2942 Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to m...
E
CVE-2008-2943 Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remot...
CVE-2008-2944 Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Ent...
E
CVE-2008-2945 Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do no...
CVE-2008-2946 The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 t...
CVE-2008-2947 Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers...
E
CVE-2008-2948 Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change ...
CVE-2008-2949 Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change ...
CVE-2008-2950 The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets obje...
E
CVE-2008-2951 Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to re...
CVE-2008-2952 liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (progr...
CVE-2008-2953 Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via...
E
CVE-2008-2954 client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial ...
E
CVE-2008-2955 Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that c...
CVE-2008-2956 Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial ...
CVE-2008-2957 The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trig...
CVE-2008-2958 Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitr...
E
CVE-2008-2959 Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edit...
E
CVE-2008-2960 Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabl...
CVE-2008-2961 Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote attack...
E
CVE-2008-2962 Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote attackers to inject arbit...
E
CVE-2008-2963 Multiple SQL injection vulnerabilities in MyBlog allow remote attackers to execute arbitrary SQL com...
E
CVE-2008-2964 SQL injection vulnerability in guide.php in ResearchGuide 0.5 allows remote attackers to execute arb...
E
CVE-2008-2965 Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allow...
E
CVE-2008-2966 Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote att...
E
CVE-2008-2967 Multiple cross-site scripting (XSS) vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1...
CVE-2008-2968 SQL injection vulnerability in rating.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and...
CVE-2008-2969 Directory traversal vulnerability in download.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4...
CVE-2008-2970 Multiple session fixation vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and...
CVE-2008-2971 SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows remote attackers to execute arb...
E
CVE-2008-2972 SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL...
E
CVE-2008-2973 Multiple cross-site scripting (XSS) vulnerabilities in chathead.php in MM Chat 1.5 allow remote atta...
E
CVE-2008-2974 Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled...
E
CVE-2008-2975 Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remot...
E
CVE-2008-2976 Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allo...
E
CVE-2008-2977 Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 allow remote attackers to exe...
E
CVE-2008-2978 Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enab...
E
CVE-2008-2979 Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remo...
E
CVE-2008-2980 Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2.10 RC2 allow remote attackers...
E
CVE-2008-2981 PHP remote file inclusion vulnerability in admin/templates/template_thumbnail.php in HomePH Design 2...
E
CVE-2008-2982 Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is ena...
E
CVE-2008-2983 SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows remote attackers to execute arb...
E
CVE-2008-2984 Cross-site scripting (XSS) vulnerability in backend/umleitung.php in CMReams CMS 1.3.1.1 Beta 2 allo...
E
CVE-2008-2985 Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_...
E
CVE-2008-2986 Multiple PHP remote file inclusion vulnerabilities in phpDMCA 1.0.0 allow remote attackers to execut...
E
CVE-2008-2987 Multiple cross-site scripting (XSS) vulnerabilities in Benja CMS 0.1 allow remote attackers to injec...
E
CVE-2008-2988 Unrestricted file upload vulnerability in admin/upload.php in Benja CMS 0.1 allows remote attackers ...
E
CVE-2008-2989 SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitra...
E
CVE-2008-2990 PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms...
E
CVE-2008-2991 Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to...
E
CVE-2008-2992 Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to...
KEV E S
CVE-2008-2993 Multiple directory traversal vulnerabilities in index.php in FOG Forum 0.8.1 allow remote attackers ...
E
CVE-2008-2994 Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to i...
E
CVE-2008-2995 Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitr...
E
CVE-2008-2996 Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_qu...
E
CVE-2008-2997 Cross-site scripting (XSS) vulnerability in index.php in Gravity Board X (GBX) 2.0 Beta allows remot...
E
CVE-2008-2998 Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for...
S
CVE-2008-2999 Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.