CVE-2008-3xxx

There are 989 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2008-3000 The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not pr...
S
CVE-2008-3001 The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with ar...
S
CVE-2008-3002 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3003 Microsoft Office Excel 2007 Gold and SP1 does not properly delete the PWD (password) string from con...
CVE-2008-3004 Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Offic...
CVE-2008-3005 Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 ...
CVE-2008-3006 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Vie...
CVE-2008-3007 Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007...
CVE-2008-3008 Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Wind...
E
CVE-2008-3009 Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media S...
CVE-2008-3010 Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media S...
CVE-2008-3011 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3012 gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 an...
CVE-2008-3013 gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 an...
CVE-2008-3014 Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3,...
CVE-2008-3015 Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Mi...
E
CVE-2008-3016 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3017 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3018 Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly ...
CVE-2008-3019 Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly ...
S
CVE-2008-3020 Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the l...
CVE-2008-3021 Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly ...
S
CVE-2008-3022 Multiple PHP remote file inclusion vulnerabilities in sablonlar/gunaysoft/gunaysoft.php in PHPortal ...
E
CVE-2008-3023 Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.6.2 and earlier, and 3.6.3 dev3 and ear...
CVE-2008-3024 Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local us...
E
CVE-2008-3025 SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitr...
E
CVE-2008-3026 SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote ...
E
CVE-2008-3027 SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to exe...
E
CVE-2008-3028 Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2...
S
CVE-2008-3029 Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6....
S
CVE-2008-3030 SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute a...
E
CVE-2008-3031 Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote ...
E
CVE-2008-3032 Cross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin) extension 3.0.1 and earlier ...
S
CVE-2008-3033 RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory...
CVE-2008-3034 Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow remote attackers to execute arbit...
CVE-2008-3035 SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote au...
E
CVE-2008-3036 Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to includ...
E
CVE-2008-3037 Cross-site scripting (XSS) vulnerability in the Address Directory (sp_directory) extension 0.2.10 an...
CVE-2008-3038 SQL injection vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for...
CVE-2008-3039 SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3...
CVE-2008-3040 Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 a...
CVE-2008-3041 Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 h...
CVE-2008-3042 Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 h...
CVE-2008-3043 Unspecified vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier f...
S
CVE-2008-3044 SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO...
S
CVE-2008-3045 Unspecified vulnerability in the Industry Database (aka Branchendatenbank pro_industrydb) extension ...
CVE-2008-3046 Incomplete blacklist vulnerability in the Packman (kb_packman) extension 0.2.1 and earlier for TYPO3...
S
CVE-2008-3047 Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) extension 0.1.0 and earlier for TYPO...
S
CVE-2008-3048 Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TY...
S
CVE-2008-3049 The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to obtai...
S
CVE-2008-3050 Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TY...
S
CVE-2008-3051 SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote atta...
S
CVE-2008-3052 Unspecified vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 al...
CVE-2008-3053 SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 ...
S
CVE-2008-3054 SQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (mh_branchenbuch) extension 0.8....
CVE-2008-3055 SQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 al...
CVE-2008-3056 SQL injection vulnerability in the Codeon Petition (cd_petition) extension 0.0.2 and earlier for TYP...
CVE-2008-3057 Octeth Oempro 3.5.5.1, and possibly other versions before 4, does not set the secure flag for the PH...
E
CVE-2008-3058 Multiple SQL injection vulnerabilities in Octeth Oempro 3.5.5.1, and possibly other versions before ...
E
CVE-2008-3059 member/settings_account.php in Octeth Oempro 3.5.5.1, and possibly other versions before 4, uses cle...
E
CVE-2008-3060 V-webmail 1.5.0 allows remote attackers to obtain sensitive information via (1) malformed input in t...
CVE-2008-3061 Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows remote attackers to redirect u...
CVE-2008-3063 SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote attackers to execute ...
CVE-2008-3064 Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 ...
CVE-2008-3066 Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer En...
CVE-2008-3067 sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which migh...
CVE-2008-3068 Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office ...
CVE-2008-3069 Multiple cross-site scripting (XSS) vulnerabilities in MyBB before 1.2.13 allow remote attackers to ...
CVE-2008-3070 Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and a...
S
CVE-2008-3071 Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact...
S
CVE-2008-3072 Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4...
CVE-2008-3073 Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13 ...
CVE-2008-3074 The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers t...
E S
CVE-2008-3075 The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers t...
E S
CVE-2008-3076 The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary...
E S
CVE-2008-3077 arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x86_64 platform leaks task_stru...
CVE-2008-3078 Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, wh...
CVE-2008-3079 Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code...
CVE-2008-3080 Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows rem...
E
CVE-2008-3081 Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messagi...
CVE-2008-3082 Cross-site scripting (XSS) vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti...
CVE-2008-3083 SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows...
E
CVE-2008-3084 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3085 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3086 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3087 Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote attackers to read arbitrary fi...
E
CVE-2008-3088 Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite al...
E
CVE-2008-3089 SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote at...
E
CVE-2008-3090 Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and Postgr...
E S
CVE-2008-3091 Cross-site scripting (XSS) vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Dr...
CVE-2008-3092 SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows r...
S
CVE-2008-3093 Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated u...
E
CVE-2008-3094 The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, a...
S
CVE-2008-3095 Cross-site scripting (XSS) vulnerability in the Organic Groups (OG) module 5.x before 5.x-7.3 and 6....
CVE-2008-3096 The Outline Designer module 5.x before 5.x-1.4 for Drupal changes each content reader's authenticati...
S
CVE-2008-3097 Cross-site scripting (XSS) vulnerability in the Tinytax module (aka Tinytax taxonomy block) 5.x befo...
CVE-2008-3098 Cross-site scripting (XSS) vulnerability in admin/usercheck.php in fuzzylime (cms) before 3.03 allow...
E S
CVE-2008-3100 Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl...
E S
CVE-2008-3101 Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to in...
E S
CVE-2008-3102 Mantis 1.1.x through 1.1.2 and 1.2.x through 1.2.0a2 does not set the secure flag for the session co...
CVE-2008-3103 Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runti...
S
CVE-2008-3104 Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before U...
S
CVE-2008-3105 Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in ...
S
CVE-2008-3106 Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlie...
CVE-2008-3107 Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JR...
CVE-2008-3108 Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and J...
CVE-2008-3109 Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK...
S
CVE-2008-3110 Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK...
S
CVE-2008-3111 Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 be...
S
CVE-2008-3112 Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JR...
S
CVE-2008-3113 Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE ...
S
CVE-2008-3114 Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 be...
S
CVE-2008-3115 Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15...
S
CVE-2008-3116 Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou Snail Electronic Company) 5th...
CVE-2008-3117 Unrestricted file upload vulnerability in update_profile.php in PHPmotion 2.0 and earlier allows rem...
E
CVE-2008-3118 SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to exec...
E
CVE-2008-3119 SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arb...
E
CVE-2008-3120 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3363. Reason: This candida...
R
CVE-2008-3121 Multiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allo...
S
CVE-2008-3122 Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote auth...
S
CVE-2008-3123 SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows rem...
E
CVE-2008-3124 SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to e...
E
CVE-2008-3125 SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers...
E
CVE-2008-3126 Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fuji...
CVE-2008-3127 PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, wh...
E
CVE-2008-3128 Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbi...
E S
CVE-2008-3129 Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to e...
E
CVE-2008-3130 Multiple cross-site scripting (XSS) vulnerabilities in index.php in OpenCart 0.7.7 allow remote atta...
CVE-2008-3131 SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, a...
E
CVE-2008-3132 SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows ...
E
CVE-2008-3133 SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disa...
E
CVE-2008-3134 Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause ...
CVE-2008-3135 Soldner Secret Wars 33724 and earlier allows remote attackers to cause a denial of service (CPU cons...
CVE-2008-3136 SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute ...
E
CVE-2008-3137 The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers ...
E S
CVE-2008-3138 The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow r...
CVE-2008-3139 The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to...
CVE-2008-3140 The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denia...
CVE-2008-3141 Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 ...
E S
CVE-2008-3142 Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent att...
E
CVE-2008-3143 Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an...
CVE-2008-3144 Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and...
E
CVE-2008-3145 The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote ...
S
CVE-2008-3146 Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2...
CVE-2008-3147 WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) WPA, and (3) WPA2 access-point ...
CVE-2008-3148 Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f allows user-assisted attackers t...
E
CVE-2008-3149 The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote attackers to cause a denial of ...
CVE-2008-3150 Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attack...
E
CVE-2008-3151 SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execu...
CVE-2008-3152 SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to...
E
CVE-2008-3153 SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL comma...
E
CVE-2008-3154 SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbit...
E
CVE-2008-3155 Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00...
E
CVE-2008-3156 The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attac...
E
CVE-2008-3157 Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 does not limit the number of concurrent sess...
CVE-2008-3158 Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and a...
S
CVE-2008-3159 Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b a...
CVE-2008-3160 Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before 7.1.3, as used by IBM System Stora...
CVE-2008-3161 Multiple cross-site scripting (XSS) vulnerabilities in jsp/common/system/debug.jsp in IBM Maximo 4.1...
E
CVE-2008-3162 Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before...
CVE-2008-3163 Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to inclu...
E
CVE-2008-3164 Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disa...
E
CVE-2008-3165 Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes...
E
CVE-2008-3166 PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, whe...
E
CVE-2008-3167 Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is...
E
CVE-2008-3168 The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it e...
S
CVE-2008-3169 Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause ...
CVE-2008-3170 Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk a...
CVE-2008-3171 Apple Safari sends Referer headers containing https URLs to different https web sites, which allows ...
CVE-2008-3172 Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records...
CVE-2008-3173 Microsoft Internet Explorer allows web sites to set cookies for domains that have a public suffix wi...
CVE-2008-3174 Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS...
CVE-2008-3175 Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Lapto...
S
CVE-2008-3177 Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Messag...
CVE-2008-3178 Unrestricted file upload vulnerability in upload_pictures.php in WebXell Editor 0.1.3 allows remote ...
E
CVE-2008-3179 Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating C...
E
CVE-2008-3180 Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow C...
E
CVE-2008-3181 Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authentic...
E
CVE-2008-3182 Stack-based buffer overflow in DAP.exe in Download Accelerator Plus (DAP) 7.0.1.3, 8.6.6.3, and othe...
E
CVE-2008-3183 PHP remote file inclusion vulnerability in ktmlpro/includes/ktedit/toolbar.php in gapicms 9.0.2 allo...
E
CVE-2008-3184 Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.10 PL2 and earlier, and 3.7.2 a...
CVE-2008-3185 SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remo...
E
CVE-2008-3186 Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attacker...
CVE-2008-3187 zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before ac...
CVE-2008-3188 libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algo...
CVE-2008-3189 SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to exe...
E
CVE-2008-3190 Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to in...
E
CVE-2008-3191 Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabl...
E
CVE-2008-3192 Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include an...
E
CVE-2008-3193 SQL injection vulnerability in jSite 1.0 OE allows remote attackers to execute arbitrary SQL command...
E
CVE-2008-3194 Multiple directory traversal vulnerabilities in data/inc/themes/predefined_variables.php in pluck 4....
E
CVE-2008-3195 Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the...
E S
CVE-2008-3196 skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which...
CVE-2008-3197 Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attacker...
E
CVE-2008-3198 Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrom...
CVE-2008-3199 Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow remote attackers to cause a d...
CVE-2008-3200 SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote attackers to...
E
CVE-2008-3201 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Pagefusion 1.5 allow remote atta...
E
CVE-2008-3202 Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 allows remote attackers to in...
E
CVE-2008-3203 js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform authentication, which allows r...
E
CVE-2008-3204 SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to ...
E
CVE-2008-3205 Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attack...
E
CVE-2008-3206 SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to ...
E
CVE-2008-3207 PHP remote file inclusion vulnerability in cms/modules/form.lib.php in Pragyan CMS 2.6.2, when regis...
E
CVE-2008-3208 Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 allows remote attackers to caus...
E
CVE-2008-3209 Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in Black Ice Document Imaging SD...
E
CVE-2008-3210 rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a den...
E S
CVE-2008-3211 Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication a...
E
CVE-2008-3212 Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote att...
CVE-2008-3213 SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS Portal Edition allows remote at...
E
CVE-2008-3214 dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a n...
E
CVE-2008-3215 libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via ...
E
CVE-2008-3216 The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current w...
CVE-2008-3217 PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source ...
S
CVE-2008-3218 Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.3 allow remote attackers ...
S
CVE-2008-3219 The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before 6.3 does not "prevent use of t...
S
CVE-2008-3220 Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows r...
S
CVE-2008-3221 Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to ...
S
CVE-2008-3222 Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed modules...
S
CVE-2008-3223 SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to ex...
S
CVE-2008-3224 Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "ur...
CVE-2008-3225 Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impa...
S
CVE-2008-3226 The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via ...
CVE-2008-3227 Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a...
CVE-2008-3228 Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block commo...
CVE-2008-3229 Stack-based buffer overflow in op before Changeset 563, when xauth support is enabled, allows local ...
E
CVE-2008-3230 The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application cra...
E
CVE-2008-3231 xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via a crafted OG...
E S
CVE-2008-3232 Unrestricted file upload vulnerability in ecrire/images.php in Dotclear 1.2.7.1 and earlier allows r...
CVE-2008-3233 Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, all...
E
CVE-2008-3234 sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticate...
E
CVE-2008-3235 Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM We...
CVE-2008-3236 Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere ...
CVE-2008-3237 Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remot...
E
CVE-2008-3238 Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbit...
E
CVE-2008-3239 Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PH...
E
CVE-2008-3240 SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers...
E
CVE-2008-3241 SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows...
E
CVE-2008-3242 Heap-based buffer overflow in the PPMedia Class ActiveX control in PPMPlayer.dll in PPMate 2.3.1.93 ...
E
CVE-2008-3243 Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before ...
S
CVE-2008-3244 The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause...
CVE-2008-3245 SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, 4.4.8, and 5.2.6 allows remote ...
E
CVE-2008-3246 Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in Bla...
CVE-2008-3247 The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x86_64 platforms uses an inc...
S
CVE-2008-3248 qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and...
S
CVE-2008-3249 The client in Lenovo System Update before 3.14 does not properly validate the certificate when estab...
S
CVE-2008-3250 SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 allows remote attackers to ex...
E
CVE-2008-3251 Multiple SQL injection vulnerabilities in tplSoccerSite 1.0 allow remote attackers to execute arbitr...
E S
CVE-2008-3252 Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote ...
S
CVE-2008-3253 Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, ...
CVE-2008-3254 SQL injection vulnerability in index.php in preCMS 1 allows remote attackers to execute arbitrary SQ...
E
CVE-2008-3255 Cross-site scripting (XSS) vulnerability in LunarNight Laboratory WebProxy 1.7.8 and earlier allows ...
CVE-2008-3256 SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont...
E
CVE-2008-3257 Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA...
E
CVE-2008-3258 Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow remote attackers to execute arbi...
S
CVE-2008-3259 OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration settin...
CVE-2008-3260 Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.10 allow remote attacker...
E
CVE-2008-3261 Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote att...
E
CVE-2008-3262 Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers t...
CVE-2008-3263 The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x befor...
E
CVE-2008-3264 The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and...
CVE-2008-3265 SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows r...
E
CVE-2008-3266 SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel Reservation System (HRS) Multi a...
E
CVE-2008-3267 SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote attackers to execute arbitrary...
E
CVE-2008-3268 Unspecified vulnerability in phpScheduleIt 1.2.0 through 1.2.9, when useLogonName is enabled, allows...
CVE-2008-3269 WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and Full 2008 allows remote attackers to...
E
CVE-2008-3270 yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file d...
CVE-2008-3271 Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restric...
CVE-2008-3272 The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsyste...
CVE-2008-3273 JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3....
CVE-2008-3274 The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///an...
S
CVE-2008-3275 The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the L...
E S
CVE-2008-3276 Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congesti...
CVE-2008-3277 Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in i...
CVE-2008-3278 frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecur...
CVE-2008-3279 Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 allows local users to gain pr...
CVE-2008-3280 It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as...
E M
CVE-2008-3281 libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribut...
S
CVE-2008-3282 Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory a...
CVE-2008-3283 Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fe...
S
CVE-2008-3284 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3283. Reason: This candida...
R
CVE-2008-3285 The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute ar...
CVE-2008-3286 SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1)...
E
CVE-2008-3287 retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a den...
S
CVE-2008-3288 The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash alg...
S
CVE-2008-3289 EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified po...
S
CVE-2008-3290 retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a den...
S
CVE-2008-3291 SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote...
E
CVE-2008-3292 constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass authentication and gain administra...
E
CVE-2008-3293 Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbi...
E
CVE-2008-3294 src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure ...
CVE-2008-3295 Cross-site scripting (XSS) vulnerability in modules/system/admin.php in XOOPS 2.0.18.1 allows remote...
E
CVE-2008-3296 Directory traversal vulnerability in modules/system/admin.php in XOOPS 2.0.18 1 allows remote attack...
CVE-2008-3297 Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to ex...
S
CVE-2008-3298 SocialEngine (SE) before 2.83 grants certain write privileges for templates, which allows remote aut...
S
CVE-2008-3299 eSyndiCat 1.6 allows remote attackers to bypass authentication and gain administrative access by set...
E
CVE-2008-3300 AlphAdmin CMS 1.0.5/03 allows remote attackers to bypass authentication and gain administrative acce...
E
CVE-2008-3301 Multiple cross-site scripting (XSS) vulnerabilities in BilboBlog 0.2.1 allow remote authenticated ad...
E
CVE-2008-3302 SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, when magic_quotes_gpc is disable...
E
CVE-2008-3303 admin/login.php in BilboBlog 0.2.1, when register_globals is enabled, allows remote attackers to byp...
E
CVE-2008-3304 BilboBlog 0.2.1 allows remote attackers to obtain sensitive information via (1) an enable_cache=fals...
E
CVE-2008-3305 Cross-site scripting (XSS) vulnerability in mensaje.php in C. Desseno YouTube Blog (ytb) 0.1 allows ...
E
CVE-2008-3306 SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers...
CVE-2008-3307 SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attacker...
E
CVE-2008-3308 PHP remote file inclusion vulnerability in cuenta/cuerpo.php in C. Desseno YouTube Blog (ytb) 0.1, w...
E
CVE-2008-3309 SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to...
E
CVE-2008-3310 SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arb...
E
CVE-2008-3311 PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote atta...
E
CVE-2008-3312 Directory traversal vulnerability in lemon_includes/FCKeditor/editor/filemanager/browser/browser.php...
E
CVE-2008-3313 Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 allow remote attackers to execute ...
E
CVE-2008-3314 ZDaemon 1.08.07 and earlier allows remote attackers to cause a denial of service (daemon crash) via ...
E
CVE-2008-3315 Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote attackers to in...
E S
CVE-2008-3316 Cross-site scripting (XSS) vulnerability in the search feature in the Forum plugin before 2.7.1 for ...
CVE-2008-3317 admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and...
E S
CVE-2008-3318 admin/index.php in Maian Weblog 4.0 and earlier allows remote attackers to bypass authentication and...
E S
CVE-2008-3319 admin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and ...
E S
CVE-2008-3320 admin/index.php in Maian Guestbook 3.2 and earlier allows remote attackers to bypass authentication ...
E
CVE-2008-3321 admin/index.php in Maian Uploader 4.0 and earlier allows remote attackers to bypass authentication a...
E S
CVE-2008-3322 admin/index.php in Maian Recipe 1.2 and earlier allows remote attackers to bypass authentication and...
E S
CVE-2008-3323 setup.exe before 2.573.2.3 in Cygwin does not properly verify the authenticity of packages, which al...
CVE-2008-3324 The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of updat...
CVE-2008-3325 Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 ...
S
CVE-2008-3326 Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x bef...
E
CVE-2008-3327 Moodle 1.6.5, when display_errors is enabled, allows remote attackers to obtain sensitive informatio...
CVE-2008-3328 Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote atta...
CVE-2008-3329 Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact an...
CVE-2008-3330 Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 a...
E
CVE-2008-3331 Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows...
E
CVE-2008-3332 Eval injection vulnerability in adm_config_set.php in Mantis before 1.1.2 allows remote authenticate...
E
CVE-2008-3333 Directory traversal vulnerability in core/lang_api.php in Mantis before 1.1.2 allows remote attacker...
CVE-2008-3334 Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14 allows remote attackers to inje...
S
CVE-2008-3335 Unspecified vulnerability in PunBB before 1.2.19 allows remote attackers to inject arbitrary SMTP co...
CVE-2008-3336 Multiple cross-site scripting (XSS) vulnerabilities in PunBB before 1.2.19 allow remote attackers to...
CVE-2008-3337 PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier fo...
S
CVE-2008-3338 Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkh...
CVE-2008-3339 search_result.cfm in Jobbex JobSite allows remote attackers to obtain sensitive information via unsp...
S
CVE-2008-3340 Cross-site scripting (XSS) vulnerability in search_result.cfm in Jobbex JobSite allows remote attack...
S
CVE-2008-3341 Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex JobSite allow remote attackers...
S
CVE-2008-3342 Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublis...
E
CVE-2008-3343 SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (tria...
CVE-2008-3344 Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easyecards/index.php in MyioSoft ...
S
CVE-2008-3345 SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial ed...
E
CVE-2008-3346 SQL injection vulnerability in product_detail.php in ShopCart DX allows remote attackers to execute ...
E
CVE-2008-3347 SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 t...
E
CVE-2008-3348 Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynam...
E
CVE-2008-3349 Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platfor...
CVE-2008-3350 dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DH...
S
CVE-2008-3351 SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 allows remote...
E
CVE-2008-3352 SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allows remote attackers to execute...
E
CVE-2008-3353 Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote ...
CVE-2008-3354 Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in Run...
E
CVE-2008-3355 SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 allows remote attackers to execu...
E
CVE-2008-3356 verifydb in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on ...
CVE-2008-3357 Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), ...
CVE-2008-3358 Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Intern...
S
CVE-2008-3359 SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowle...
CVE-2008-3360 Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to exe...
E
CVE-2008-3361 Stack-based buffer overflow in IntelliTamper 2.07 allows remote web sites to execute arbitrary code ...
E
CVE-2008-3362 Unrestricted file upload vulnerability in upload.php in the Giulio Ganci Wp Downloads Manager module...
E
CVE-2008-3363 Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Window...
E
CVE-2008-3364 Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in...
E
CVE-2008-3365 Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals ...
E S
CVE-2008-3366 SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute ...
E
CVE-2008-3367 Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web Wiz Rich Text Editor (RTE) 3.x...
E
CVE-2008-3368 PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and earlier...
E
CVE-2008-3369 SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and earlier allows remote attacker...
E S
CVE-2008-3370 SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p...
CVE-2008-3371 Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2...
E
CVE-2008-3372 SQL injection vulnerability in search_form.php in Getacoder Clone allows remote attackers to execute...
E
CVE-2008-3373 The files parsing engine in Grisoft AVG Anti-Virus before 8.0.156 allows remote attackers to cause a...
CVE-2008-3374 SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to ex...
E
CVE-2008-3375 The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attacke...
E S
CVE-2008-3376 Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have unknown impact and attack vectors....
CVE-2008-3377 SQL injection vulnerability in picture.php in phpTest 0.6.3 allows remote attackers to execute arbit...
E
CVE-2008-3378 SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute ar...
E
CVE-2008-3379 Cross-site scripting (XSS) vulnerability in Snark VisualPic 0.3.1 allows remote attackers to inject ...
CVE-2008-3380 Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial e...
E
CVE-2008-3381 Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin...
E
CVE-2008-3382 SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds 2.0 allows remote attackers to ...
E
CVE-2008-3383 SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary...
E
CVE-2008-3384 Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environ...
E
CVE-2008-3385 Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full al...
E
CVE-2008-3386 SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote att...
E
CVE-2008-3387 SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitr...
E
CVE-2008-3388 Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary...
E
CVE-2008-3389 Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0...
CVE-2008-3390 Directory traversal vulnerability in libraries/general.init.php in Minishowcase Image Gallery 09b136...
E
CVE-2008-3391 Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum 9.5 allow remote attackers to i...
E
CVE-2008-3392 Cross-site request forgery (CSRF) vulnerability in Web Wiz Forum 9.5 allows remote attackers to log ...
E
CVE-2008-3393 SQL injection vulnerability in events.cfm in BookMine allows remote attackers to execute arbitrary S...
CVE-2008-3394 Multiple cross-site scripting (XSS) vulnerabilities in search.cfm in BookMine allow remote attackers...
CVE-2008-3395 Calacode @Mail 5.41 on Linux uses weak world-readable permissions for (1) webmail/libs/Atmail/Config...
CVE-2008-3396 Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attackers to cause a denial of servic...
CVE-2008-3397 Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS before 3_1.4_0.9 allows remote att...
CVE-2008-3398 Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inj...
E
CVE-2008-3399 PHP remote file inclusion vulnerability in activities/workflow-activities.php in XRMS CRM 1.99.2, wh...
E
CVE-2008-3400 XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to ...
E
CVE-2008-3401 PHP remote file inclusion vulnerability in hioxRandomAd.php in HIOX Random Ad (HRA) 1.3 allows remot...
E
CVE-2008-3402 Multiple PHP remote file inclusion vulnerabilities in HIOX Browser Statistics (HBS) 2.0 allow remote...
E
CVE-2008-3403 SQL injection vulnerability in mojoClassified.cgi in MojoPersonals allows remote attackers to execut...
E
CVE-2008-3404 Cross-site scripting (XSS) vulnerability in guestbook.js.php in MJGuest 6.8 GT allows remote attacke...
CVE-2008-3405 Directory traversal vulnerability in index.php in Ricardo Amaral nzFotolog 0.4.1 allows remote attac...
E
CVE-2008-3406 SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows remote attackers to execute arbit...
E
CVE-2008-3407 phpLinkat 0.1 allows remote attackers to bypass authentication and access unspecified pages under ad...
E
CVE-2008-3408 Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted re...
E
CVE-2008-3409 Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denia...
CVE-2008-3410 Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (NULL ...
E
CVE-2008-3411 The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 software does not require authentica...
CVE-2008-3412 SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 allows remote attackers to exe...
E
CVE-2008-3413 SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attacker...
E
CVE-2008-3414 SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary S...
E
CVE-2008-3415 Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, al...
E
CVE-2008-3416 SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers...
E
CVE-2008-3417 SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attacke...
E
CVE-2008-3418 SQL injection vulnerability in browse.php in TriO 2.1 and earlier allows remote attackers to execute...
E
CVE-2008-3419 SQL injection vulnerability in ugroups.php in Youtuber Clone allows remote attackers to execute arbi...
E
CVE-2008-3420 Multiple SQL injection vulnerabilities in Mobius for Mimsy XG 1 1.4.4.1 and earlier allow remote att...
E
CVE-2008-3421 Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboard Academic Suite 8.0.260.7 al...
CVE-2008-3422 Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net class libraries in Mono 2.0 and e...
CVE-2008-3423 IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to bypass authentication and obtain...
S
CVE-2008-3424 Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRI...
CVE-2008-3425 Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisionin...
CVE-2008-3426 Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in ...
CVE-2008-3427 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3420. Reason: This candida...
R
CVE-2008-3428 Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web se...
S
CVE-2008-3429 Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.42-3 allows remote attackers to...
CVE-2008-3430 Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in Eyeball MessengerSDK, as used ...
E
CVE-2008-3431 The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHO...
KEV E
CVE-2008-3432 Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allo...
S
CVE-2008-3433 SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not properly verify the authenticity of...
S
CVE-2008-3434 Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in...
CVE-2008-3435 LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates...
CVE-2008-3436 The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity o...
CVE-2008-3437 OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows...
CVE-2008-3438 Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle ...
CVE-2008-3439 SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, whi...
CVE-2008-3440 Sun Java 1.6.0_03 and earlier versions, and possibly later versions, does not properly verify the au...
CVE-2008-3441 Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates, which allows man-i...
CVE-2008-3442 WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-mid...
CVE-2008-3443 The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 t...
E
CVE-2008-3444 The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a den...
CVE-2008-3445 SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 allows remote attackers to execu...
E
CVE-2008-3446 Directory traversal vulnerability in inc/wysiwyg.php in LetterIt 2 allows remote attackers to includ...
E
CVE-2008-3447 The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of serv...
E
CVE-2008-3448 Cross-site scripting (XSS) vulnerability in index.php in common solutions csphonebook 1.02 allows re...
E
CVE-2008-3449 MailEnable Professional 3.5.2 and Enterprise 3.52 allow remote attackers to cause a denial of servic...
S
CVE-2008-3450 Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users...
S
CVE-2008-3451 PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain th...
S
CVE-2008-3452 SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execu...
E
CVE-2008-3453 Multiple unspecified vulnerabilities in ImpressCMS 1.0 have unknown impact and attack vectors, relat...
CVE-2008-3454 JnSHosts PHP Hosting Directory 2.0 allows remote attackers to bypass authentication and gain adminis...
E
CVE-2008-3455 PHP remote file inclusion vulnerability in include/admin.php in JnSHosts PHP Hosting Directory 2.0 a...
E
CVE-2008-3456 phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pag...
E
CVE-2008-3457 Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assist...
E
CVE-2008-3458 Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access con...
E S
CVE-2008-3459 Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems...
CVE-2008-3460 WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 ...
CVE-2008-3461 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3462 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3463 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3464 afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Win...
E S
CVE-2008-3465 Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 20...
CVE-2008-3466 Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administra...
E S
CVE-2008-3467 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3468 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3469 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3470 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3471 Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold a...
S
CVE-2008-3472 Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origi...
S
CVE-2008-3473 Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origi...
S
CVE-2008-3474 Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origi...
CVE-2008-3475 Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoin...
S
CVE-2008-3476 Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle errors associated with access to...
S
CVE-2008-3477 Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA ...
S
CVE-2008-3478 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3479 Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft ...
S
CVE-2008-3480 Stack-based buffer overflow in the Anzio Web Print Object (WePO) ActiveX control 3.2.19 and 3.2.24, ...
E S
CVE-2008-3481 themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier allows remote attackers...
E
CVE-2008-3482 Cross-site scripting (XSS) vulnerability in the error page feature in Panasonic Network Camera BL-C1...
S
CVE-2008-3483 Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers...
CVE-2008-3484 SQL injection vulnerability in eStoreAff 0.1 allows remote attackers to execute arbitrary SQL comman...
E
CVE-2008-3485 Untrusted search path vulnerability in Citrix MetaFrame Presentation Server allows local users to ga...
CVE-2008-3486 Directory traversal vulnerability in the user_get_profile function in include/functions.inc.php in C...
E
CVE-2008-3487 SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers t...
E
CVE-2008-3488 Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) allows remote attackers to delet...
S
CVE-2008-3489 SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 all...
E
CVE-2008-3490 SQL injection vulnerability in members/mail.php in E-topbiz Online Dating 3 1.0 allows remote authen...
E
CVE-2008-3491 SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote attacker...
E
CVE-2008-3492 America's Army (aka AA or Army Game Project) 2.8.3.1 and earlier allows remote attackers to cause a ...
E
CVE-2008-3493 vncviewer.exe in RealVNC Windows Client 4.1.2.0 allows remote VNC servers to cause a denial of servi...
E
CVE-2008-3494 8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass intended restrictions via an e...
E
CVE-2008-3495 SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbi...
E
CVE-2008-3496 Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video...
CVE-2008-3497 SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbit...
E
CVE-2008-3498 SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows rem...
E
CVE-2008-3499 Unspecified vulnerability in "a page in the workarea folder" in Ektron CMS400.NET 7.00 through 7.04 ...
S
CVE-2008-3500 Cross-site scripting (XSS) vulnerability in the Suggested Terms module 5.x before 5.x-1.2 for Drupal...
CVE-2008-3501 Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x...
S
CVE-2008-3502 Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authentic...
CVE-2008-3503 RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration Sys...
CVE-2008-3504 Unspecified vulnerability in mask PHP File Manager (mPFM) before 2.3 has unknown impact and remote a...
CVE-2008-3505 Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to...
E
CVE-2008-3506 SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to execute arbi...
E
CVE-2008-3507 SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, all...
E
CVE-2008-3508 LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to bypass authenticatio...
E
CVE-2008-3509 LoveCMS 1.6.2 does not require administrative authentication for (1) addblock.php, (2) blocks.php, a...
E
CVE-2008-3510 Cross-site scripting (XSS) vulnerability in livehelp_js.php in Crafty Syntax Live Help (CSLH) 2.14.6...
E
CVE-2008-3511 Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image Gallery (Photo Gallery) allow r...
E
CVE-2008-3512 SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote attackers to exec...
CVE-2008-3513 SQL injection vulnerability in the Book Catalog module 1.0 for PHP-Nuke allows remote attackers to e...
E
CVE-2008-3514 VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled/di...
S
CVE-2008-3515 Multiple cross-site scripting (XSS) vulnerabilities in files generated by Adobe Presenter 6 and 7 be...
S
CVE-2008-3516 Multiple cross-site scripting (XSS) vulnerabilities in files generated by Adobe Presenter 6 and 7 be...
S
CVE-2008-3517 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3522. Reason: This candida...
R
CVE-2008-3518 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3283. Reason: This candida...
R
CVE-2008-3519 The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform ...
S
CVE-2008-3520 Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unkn...
S
CVE-2008-3521 Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 a...
E
CVE-2008-3522 Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 m...
E
CVE-2008-3523 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2008-3524 rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users t...
CVE-2008-3525 The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 ...
CVE-2008-3526 Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control...
CVE-2008-3527 arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux...
CVE-2008-3528 The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/...
E
CVE-2008-3529 Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7...
E
CVE-2008-3530 sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly ...
S
CVE-2008-3531 Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.u...
S
CVE-2008-3532 The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier ...
E S
CVE-2008-3533 Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.1...
E S
CVE-2008-3534 The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before...
E
CVE-2008-3535 Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-...
E
CVE-2008-3536 Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and...
CVE-2008-3537 Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and...
CVE-2008-3538 Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 on Windows allows remote authe...
CVE-2008-3539 Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HP...
S
CVE-2008-3541 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3542 Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 allows remote attackers to rea...
S
CVE-2008-3543 Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on HP-UX B.11.31 allows remote att...
CVE-2008-3544 Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.5...
E
CVE-2008-3545 Unspecified vulnerability in ovtopmd in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7....
CVE-2008-3546 Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1....
E
CVE-2008-3547 Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to caus...
CVE-2008-3548 Unspecified vulnerability in the Sun Netra T5220 Server with firmware 7.1.3 allows local users to ca...
S
CVE-2008-3549 Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris...
S
CVE-2008-3550 The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote attackers to obtain potentially ...
CVE-2008-3551 Multiple unspecified vulnerabilities in Sun Java Platform Micro Edition (aka Java ME, J2ME, or mobil...
CVE-2008-3552 Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition FP1, and possibly later devices,...
CVE-2008-3553 Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers t...
CVE-2008-3554 SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remote attackers to execute arbitra...
E
CVE-2008-3555 Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 and earlier, (2) Gallery 4.1....
E
CVE-2008-3556 Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote att...
E
CVE-2008-3557 Free Hosting Manager 1.2 and 2.0 allows remote attackers to bypass authentication and gain administr...
E
CVE-2008-3558 Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Mee...
E
CVE-2008-3559 Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice allow remote attackers to inje...
CVE-2008-3560 Cross-site scripting (XSS) vulnerability in kshop_search.php in the Kshop module 2.22 for Xoops allo...
E
CVE-2008-3561 SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, al...
E
CVE-2008-3562 Directory traversal vulnerability in index.php in the Contact module in Chupix CMS 0.1.0, when magic...
E
CVE-2008-3563 Multiple SQL injection vulnerabilities in Plogger 3.0 and earlier allow remote attackers to execute ...
E
CVE-2008-3564 Multiple directory traversal vulnerabilities in index.php in Dayfox Blog 4 allow remote attackers to...
E
CVE-2008-3565 Multiple cross-site scripting (XSS) vulnerabilities in Meeting Room Booking System (MRBS) 1.2.6 allo...
E
CVE-2008-3566 Cross-site scripting (XSS) vulnerability in ZoneO-soft freeForum 1.7 allows remote attackers to inje...
E
CVE-2008-3567 Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 a...
S
CVE-2008-3568 Absolute path traversal vulnerability in fckeditor/editor/filemanager/browser/default/connectors/php...
E
CVE-2008-3569 Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.6.7, when register_globals is enabled...
CVE-2008-3570 PHP remote file inclusion vulnerability in index.php in Africa Be Gone (ABG) 1.0a allows remote atta...
E
CVE-2008-3571 The Xerox Phaser 8400 allows remote attackers to cause a denial of service (reboot) via an empty UDP...
E
CVE-2008-3572 Cross-site scripting (XSS) vulnerability in index.php in Pligg 9.9.5 allows remote attackers to inje...
E
CVE-2008-3573 The CAPTCHA implementation in (1) Pligg 9.9.5 and possibly (2) Francisco Burzi PHP-Nuke 8.1 provides...
E
CVE-2008-3574 Multiple cross-site scripting (XSS) vulnerabilities in Pluck 4.5.2, when register_globals is enabled...
CVE-2008-3575 PHP remote file inclusion vulnerability in modules/calendar/minicalendar.php in ezContents CMS allow...
CVE-2008-3576 Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote ...
CVE-2008-3577 Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary c...
CVE-2008-3578 HydraIRC 0.3.164 and earlier allows remote attackers to cause a denial of service (NULL pointer dere...
E
CVE-2008-3579 Calacode @Mail 5.41 on Linux does not require administrative authentication for build-plesk-upgrade....
CVE-2008-3580 Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote attackers to execute arbitrary ...
E
CVE-2008-3581 Cross-site scripting (XSS) vulnerability in index.php in Qsoft K-Links allows remote attackers to in...
E
CVE-2008-3582 SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers...
E
CVE-2008-3583 Buffer overflow in the HTML parser in IntelliTamper 2.07 allows remote attackers to execute arbitrar...
E
CVE-2008-3584 NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPo...
CVE-2008-3585 Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP Shopping Cart allow remote attack...
E
CVE-2008-3586 SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attack...
E
CVE-2008-3587 Cross-site scripting (XSS) vulnerability in result.php in Chris Bunting Homes 4 Sale allows remote a...
E
CVE-2008-3588 Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary ...
E
CVE-2008-3589 Directory traversal vulnerability in download.php in moziloCMS 1.10.1, when magic_quotes_gpc is disa...
E
CVE-2008-3590 Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to ...
CVE-2008-3591 SQL injection vulnerability in lib/class.admin.php in Twentyone Degrees Symphony 1.7.01 and earlier ...
E S
CVE-2008-3592 Unrestricted file upload vulnerability in the File Manager in the admin panel in Twentyone Degrees S...
E S
CVE-2008-3593 Directory traversal vulnerability in index.php in SyzygyCMS 0.3 allows remote attackers to include a...
E
CVE-2008-3594 SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store...
E
CVE-2008-3595 PHP remote file inclusion vulnerability in examples/txtSQLAdmin/startup.php in txtSQL 2.2 Final allo...
E
CVE-2008-3596 Cross-site scripting (XSS) vulnerability in Harmoni before 1.4.7 allows remote attackers to inject a...
E
CVE-2008-3597 Skulltag before 0.97d2-RC6 allows remote attackers to cause a denial of service (NULL pointer derefe...
S
CVE-2008-3598 Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote attackers to execute arbitrary SQ...
E
CVE-2008-3599 SQL injection vulnerability in image.php in OpenImpro 1.1 allows remote attackers to execute arbitra...
E
CVE-2008-3600 Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, whe...
E
CVE-2008-3601 SQL injection vulnerability in index.php in Quicksilver Forums 1.4.1 allows remote attackers to exec...
E
CVE-2008-3602 admin/wr_admin.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9.1 allows remote attackers ...
E
CVE-2008-3603 SQL injection vulnerability in index.php in Vacation Rental Script 3.0 allows remote attackers to ex...
E
CVE-2008-3604 SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows remote attackers to execute ar...
E
CVE-2008-3605 Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for pas...
S
CVE-2008-3606 Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote ...
E
CVE-2008-3607 The IMAP server in NoticeWare Email Server NG 4.6.3 and earlier allows remote attackers to cause a d...
E
CVE-2008-3608 ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to caus...
S
CVE-2008-3609 The kernel in Apple Mac OS X 10.5 through 10.5.4 does not properly flush cached credentials during r...
S
CVE-2008-3610 Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-password account ...
S
CVE-2008-3611 Login Window in Apple Mac OS X 10.4.11 does not clear the current password when a user makes a passw...
S
CVE-2008-3612 The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses p...
CVE-2008-3613 Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service ...
S
CVE-2008-3614 Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbit...
CVE-2008-3615 ir50_32.qtx in an unspecified third-party Indeo v5 codec for QuickTime, when used with Apple QuickTi...
S
CVE-2008-3616 Multiple integer overflows in the SearchKit API in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 al...
S
CVE-2008-3617 Remote Management and Screen Sharing in Apple Mac OS X 10.5 through 10.5.4, when used to set a passw...
S
CVE-2008-3618 The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not ...
S
CVE-2008-3619 Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log...
S
CVE-2008-3621 VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to cause a...
S
CVE-2008-3622 Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows...
S
CVE-2008-3623 Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPhone OS 1.0 t...
CVE-2008-3624 Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitr...
CVE-2008-3625 Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbit...
S
CVE-2008-3626 The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly hand...
S
CVE-2008-3627 Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms in MP4 video files within Quick...
S
CVE-2008-3628 Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a...
S
CVE-2008-3629 Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash...
S
CVE-2008-3630 mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an application uses the Bonjour API fo...
S
CVE-2008-3631 Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, does not pr...
CVE-2008-3632 Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through...
S
CVE-2008-3634 Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the...
S
CVE-2008-3635 Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 ...
CVE-2008-3636 Integer overflow in the IopfCompleteRequest API in the kernel in Microsoft Windows 2000, XP, Server ...
S
CVE-2008-3637 The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10.5.4...
CVE-2008-3638 Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from accessing file:// URLs, which...
CVE-2008-3639 Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remot...
CVE-2008-3640 Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attacker...
S
CVE-2008-3641 The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to ...
E S
CVE-2008-3642 Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denia...
S
CVE-2008-3643 Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a den...
S
CVE-2008-3644 Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have aut...
CVE-2008-3645 Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Net...
S
CVE-2008-3646 The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail ...
S
CVE-2008-3647 Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a de...
S
CVE-2008-3648 nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary ...
E
CVE-2008-3649 SQL injection vulnerability in categorydetail.php in Article Friendly Standard allows remote attacke...
E
CVE-2008-3650 Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have un...
S
CVE-2008-3651 Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote auth...
CVE-2008-3652 src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle whe...
CVE-2008-3653 Multiple unspecified vulnerabilities in TikiWiki CMS/Groupware before 2.0 have unknown impact and at...
CVE-2008-3654 Unspecified vulnerability in TikiWiki CMS/Groupware before 2.0 allows attackers to obtain "path and ...
CVE-2008-3655 Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 do...
E S
CVE-2008-3656 Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBric...
E
CVE-2008-3657 The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 ...
E S
CVE-2008-3658 Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 b...
E
CVE-2008-3659 Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows c...
S
CVE-2008-3660 PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attacker...
CVE-2008-3661 Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https sessi...
CVE-2008-3662 Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag for the session cookie in a...
S
CVE-2008-3663 Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which c...
CVE-2008-3664 Multiple cross-site scripting (XSS) vulnerabilities in XRMS allow remote attackers to inject arbitra...
CVE-2008-3666 Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-depende...
S
CVE-2008-3667 Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows remote attackers to execute ar...
E
CVE-2008-3668 Multiple cross-site scripting (XSS) vulnerabilities in the Yogurt Social Network module 3.2 rc1 for ...
CVE-2008-3669 SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web...
E
CVE-2008-3670 SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to e...
E
CVE-2008-3671 Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP s...
CVE-2008-3672 SQL injection vulnerability in showcategory.php in PozScripts Classified Ads allows remote attackers...
CVE-2008-3673 SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers t...
E
CVE-2008-3674 SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote...
E
CVE-2008-3675 Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to r...
E
CVE-2008-3676 Unspecified vulnerability in the IMAP server in hMailServer 4.4.1 allows remote authenticated users ...
E S
CVE-2008-3677 Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197...
CVE-2008-3678 Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway before 1.4.2.197 allow...
CVE-2008-3679 Multiple cross-site scripting (XSS) vulnerabilities in index.php in IDevSpot PhpLinkExchange 1.01 al...
E
CVE-2008-3680 The decryption function in Flagship Industries Ventrilo 3.0.2 and earlier allows remote attackers to...
E
CVE-2008-3681 components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does not properly validate reset t...
E
CVE-2008-3682 SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitr...
E
CVE-2008-3683 Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5...
S
CVE-2008-3684 Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentu...
CVE-2008-3685 Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent service in the server in EMC Do...
CVE-2008-3686 The rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly ot...
E
CVE-2008-3687 Heap-based buffer overflow in the flask_security_label function in Xen 3.3, when compiled with the X...
S
CVE-2008-3688 sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial of s...
S
CVE-2008-3691 Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil...
S
CVE-2008-3692 Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil...
S
CVE-2008-3693 Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil...
S
CVE-2008-3694 Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil...
S
CVE-2008-3695 Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil...
S
CVE-2008-3696 Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil...
S
CVE-2008-3697 An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to...
CVE-2008-3698 Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build...
S
CVE-2008-3699 The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amar...
CVE-2008-3700 Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite 3.20.02 and earlier allow...
CVE-2008-3701 SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows rem...
CVE-2008-3702 Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1....
E
CVE-2008-3703 The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec ...
S
CVE-2008-3704 Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly...
E S
CVE-2008-3705 Stack-based buffer overflow in the CLogger::WriteFormated function in echoware/Logger.cpp in EchoVNC...
CVE-2008-3706 SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute ...
E
CVE-2008-3707 Multiple PHP remote file inclusion vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers ...
CVE-2008-3708 Multiple directory traversal vulnerabilities in dotCMS 1.6.0.9 allow remote attackers to read arbitr...
E
CVE-2008-3709 Multiple cross-site scripting (XSS) vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers...
CVE-2008-3710 Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to inc...
E
CVE-2008-3711 SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote at...
E
CVE-2008-3712 Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals ...
E
CVE-2008-3713 SQL injection vulnerability in product.php in PHPBasket allows remote attackers to execute arbitrary...
E
CVE-2008-3714 Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inj...
CVE-2008-3715 Cross-site scripting (XSS) vulnerability in inc-core-admin-editor-previouscolorsjs.php in the FlexCM...
CVE-2008-3716 Cross-site request forgery (CSRF) vulnerability in Harmoni before 1.6.0 allows remote attackers to m...
S
CVE-2008-3717 Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ...
CVE-2008-3718 Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote authenticated users to execute ar...
E
CVE-2008-3719 SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to e...
E
CVE-2008-3720 SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to exec...
E
CVE-2008-3721 PHP remote file inclusion vulnerability in user_language.php in DeeEmm CMS (DMCMS) 0.7.4 allows remo...
E
CVE-2008-3722 SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbit...
E
CVE-2008-3723 Directory traversal vulnerability in index.php in PHPizabi 0.848b C1 HFP3 allows remote authenticate...
E
CVE-2008-3724 SQL injection vulnerability in index.php in Papoo before 3.7.2 allows remote attackers to execute ar...
S
CVE-2008-3725 SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to e...
E
CVE-2008-3726 Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies Mail...
E
CVE-2008-3727 Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5....
E
CVE-2008-3728 Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive inform...
E
CVE-2008-3729 Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers...
E
CVE-2008-3730 Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2....
CVE-2008-3731 Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other versions before 7.2.0.1, allows r...
CVE-2008-3732 Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remot...
E
CVE-2008-3733 Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of...
E
CVE-2008-3734 Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 al...
E
CVE-2008-3735 Cross-site scripting (XSS) vulnerability in index.php in PHPizabi before 848 Core HotFix Pack 3 allo...
E
CVE-2008-3736 Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1....
CVE-2008-3737 Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag ...
CVE-2008-3738 Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hi...
CVE-2008-3739 Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier an...
CVE-2008-3740 Cross-site scripting (XSS) vulnerability in the output filter in Drupal 5.x before 5.10 and 6.x befo...
S
CVE-2008-3741 The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by a w...
S
CVE-2008-3742 Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x befor...
CVE-2008-3743 Multiple cross-site request forgery (CSRF) vulnerabilities in forms in Drupal 6.x before 6.4 allow r...
CVE-2008-3744 Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before ...
S
CVE-2008-3745 The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete f...
S
CVE-2008-3746 neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service (NULL pointer derefere...
S
CVE-2008-3747 The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php ...
S
CVE-2008-3748 SQL injection vulnerability in view_group.php in Active PHP Bookmarks (APB) 1.1.02 and 1.2.06 allows...
E
CVE-2008-3749 SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attack...
E
CVE-2008-3750 SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to...
E
CVE-2008-3751 SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote ...
E
CVE-2008-3752 SQL injection vulnerability in tr.php in YourFreeWorld Ad-Exchange Script allows remote attackers to...
E
CVE-2008-3753 SQL injection vulnerability in details.php in YourFreeWorld Programs Rating Script allows remote att...
E
CVE-2008-3754 SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attack...
E
CVE-2008-3755 SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers ...
E
CVE-2008-3756 SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing Script allows remote attacker...
E
CVE-2008-3757 SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix Script allows remote attackers...
E
CVE-2008-3758 Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla 1.1.4 and earlier (1) allow r...
E S
CVE-2008-3759 Cross-site request forgery (CSRF) vulnerability in ajax/UpdateCheck.php in Vanilla 1.1.4 and earlier...
E
CVE-2008-3760 Cross-site request forgery (CSRF) vulnerability in the sign-out page in Vanilla 1.1.4 and earlier al...
E
CVE-2008-3761 hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1...
E
CVE-2008-3762 SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP Live Helper 2.0.1 and earlier al...
E
CVE-2008-3763 Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when...
E
CVE-2008-3764 Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows r...
E
CVE-2008-3765 SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbi...
E
CVE-2008-3766 Realtime Internet Band Rehearsal Low-Latency (Internet) Connection tool (llcon) before 2.1.2 allows ...
S
CVE-2008-3767 SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote attackers to execute a...
E
CVE-2008-3768 Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart ...
E S
CVE-2008-3769 PHP remote file inclusion vulnerability in admin/create_order_new.php in Freeway 1.4.1.171, when reg...
CVE-2008-3770 Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled,...
E
CVE-2008-3771 Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attac...
E
CVE-2008-3772 SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attacker...
E
CVE-2008-3773 Cross-site scripting (XSS) vulnerability in vBulletin 3.7.2 PL1 and 3.6.10 PL3, when "Show New Priva...
S
CVE-2008-3774 SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary ...
E
CVE-2008-3775 Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local adm...
CVE-2008-3776 Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to r...
E
CVE-2008-3777 The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Man...
CVE-2008-3778 The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Serv...
CVE-2008-3779 Cross-site scripting (XSS) vulnerability in search/index.php in Five Star Review Script allows remot...
E
CVE-2008-3780 SQL injection vulnerability in recommend.php in Five Star Review Script allows remote attackers to e...
E
CVE-2008-3781 Cross-site scripting (XSS) vulnerability in GMOD GBrowse before 1.69 allows remote attackers to inje...
S
CVE-2008-3782 Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in ACG-PTP 1.0.6 allow remote...
CVE-2008-3783 Multiple SQL injection vulnerabilities in index.php in Matterdaddy Market 1.1, when magic_quotes_gpc...
E
CVE-2008-3784 SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earlier and xBtiTracker 2.0.542 an...
E
CVE-2008-3785 Multiple SQL injection vulnerabilities in the com_content component in MiaCMS 4.6.5 allow remote att...
E S
CVE-2008-3786 Cross-site scripting (XSS) vulnerability in index.php in PICTURESPRO Photo Cart 3.9 allows remote at...
CVE-2008-3787 SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remot...
E
CVE-2008-3788 Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disab...
E
CVE-2008-3789 Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb fil...
CVE-2008-3790 The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-d...
E S
CVE-2008-3791 src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to...
CVE-2008-3792 net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux ker...
E S
CVE-2008-3793 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3792. Reason: This candidate...
R
CVE-2008-3794 Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Med...
E
CVE-2008-3795 Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact v...
E
CVE-2008-3796 Swfdec 0.6 before 0.6.8 allows remote attackers to cause a denial of service (application crash) via...
S
CVE-2008-3798 Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, pro...
CVE-2008-3799 Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, ...
CVE-2008-3800 Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 ...
CVE-2008-3801 Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 ...
CVE-2008-3802 Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 ...
CVE-2008-3803 A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with...
CVE-2008-3804 Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MF...
CVE-2008-3805 Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP...
CVE-2008-3806 Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP...
CVE-2008-3807 Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, en...
CVE-2008-3808 Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial o...
CVE-2008-3809 Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows...
CVE-2008-3810 Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabl...
CVE-2008-3811 Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabl...
S
CVE-2008-3812 Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspect...
CVE-2008-3813 Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, ...
CVE-2008-3814 Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x befo...
S
CVE-2008-3815 Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security A...
CVE-2008-3816 Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security A...
S
CVE-2008-3817 Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 ...
S
CVE-2008-3818 Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, ...
CVE-2008-3819 dnsserver in Cisco Application Control Engine Global Site Selector (GSS) before 3.0(1) allows remote...
S
CVE-2008-3820 Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes ...
S
CVE-2008-3821 Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12....
E
CVE-2008-3822 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-3823 Cross-site scripting (XSS) vulnerability in MIME/MIME/Contents.php in the MIME library in Horde 3.2....
E S
CVE-2008-3824 Cross-site scripting (XSS) vulnerability in (1) Text_Filter/Filter/xss.php in Horde 3.1.x before 3.1...
E S
CVE-2008-3825 pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is...
CVE-2008-3826 Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via...
CVE-2008-3827 Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow ...
S
CVE-2008-3828 Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to ...
CVE-2008-3829 Unspecified vulnerability in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to ca...
CVE-2008-3830 Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks i...
CVE-2008-3831 The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux an...
S
CVE-2008-3832 A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, ...
E
CVE-2008-3833 The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not pro...
CVE-2008-3834 The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attac...
E
CVE-2008-3835 The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before...
CVE-2008-3836 feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome...
S
CVE-2008-3837 Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assist...
S
CVE-2008-3838 Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solari...
S
CVE-2008-3839 Unspecified vulnerability in the NFS module in the kernel in Sun Solaris 10 and OpenSolaris snv_59 t...
CVE-2008-3840 Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database,...
E S
CVE-2008-3841 Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway eCommerce 1.4.1.171 al...
CVE-2008-3842 Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without ...
CVE-2008-3843 Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the...
CVE-2008-3844 Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using...
CVE-2008-3845 Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow re...
E S
CVE-2008-3846 Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to i...
CVE-2008-3847 Multiple cross-site scripting (XSS) vulnerabilities in AN Guestbook (ANG) before 0.7.6 allow remote ...
S
CVE-2008-3848 SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows remote attackers to execute arbi...
E
CVE-2008-3849 Cross-site scripting (XSS) vulnerability in the calendar controller in Civic Website Manager before ...
S
CVE-2008-3850 Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote attack...
CVE-2008-3851 Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on Windows allow remote attackers to...
E S
CVE-2008-3852 Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visua...
CVE-2008-3853 Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before F...
S
CVE-2008-3854 Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow r...
S
CVE-2008-3855 Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component ...
S
CVE-2008-3856 The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on...
S
CVE-2008-3857 The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in ...
S
CVE-2008-3858 The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cau...
S
CVE-2008-3859 Davlin Thickbox Gallery 2 allows remote attackers to obtain the administrative username and MD5 pass...
E
CVE-2008-3860 Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local gro...
CVE-2008-3861 Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers...
E
CVE-2008-3862 Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 buil...
S
CVE-2008-3863 Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1...
CVE-2008-3864 The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Compo...
S
CVE-2008-3865 Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.ex...
S
CVE-2008-3866 The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component ...
S
CVE-2008-3867 SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to exe...
CVE-2008-3868 Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to hijack ...
CVE-2008-3869 Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbi...
S
CVE-2008-3870 Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code...
S
CVE-2008-3871 Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9....
S
CVE-2008-3872 Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, allows remote attackers to bypass ...
CVE-2008-3873 The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows re...
CVE-2008-3874 Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and ear...
E
CVE-2008-3875 The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass ch...
S
CVE-2008-3876 Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended...
E
CVE-2008-3877 Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 Build 98 allows user-assisted...
E
CVE-2008-3878 Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.80...
E
CVE-2008-3879 The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 and earlier in Ultra Sharewar...
E
CVE-2008-3880 SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote...
CVE-2008-3881 Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23.3 and earlier allow remote at...
CVE-2008-3882 Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and earlier allows remote attacke...
CVE-2008-3883 configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on ...
CVE-2008-3884 Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN) 1.9.7 and earlier allows remote attacke...
CVE-2008-3885 Cross-site request forgery (CSRF) vulnerability in Blogn (BURO GUN) 1.9.7 and earlier allows remote ...
CVE-2008-3886 Multiple cross-site scripting (XSS) vulnerabilities in index.php in dotProject 2.1.2 allow remote at...
E
CVE-2008-3887 Multiple SQL injection vulnerabilities in index.php in dotProject 2.1.2 allow (1) remote authenticat...
E
CVE-2008-3888 SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to exec...
CVE-2008-3889 Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2....
E S
CVE-2008-3890 The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a Gener...
CVE-2008-3891 The SAML Single Sign-On (SSO) Service for Google Apps allows remote service providers to impersonate...
CVE-2008-3892 Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8...
E S
CVE-2008-3893 Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot authentication passwords in the BIOS...
CVE-2008-3894 IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication passwords in the BIOS Keyboard buff...
CVE-2008-3895 LILO 22.6.1 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and doe...
E
CVE-2008-3896 Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer an...
CVE-2008-3897 DiskCryptor 0.2.6 on Windows stores pre-boot authentication passwords in the BIOS Keyboard buffer an...
CVE-2008-3898 Secu Star DriveCrypt Plus Pack 3.9 stores pre-boot authentication passwords in the BIOS Keyboard buf...
CVE-2008-3899 TrueCrypt 5.0 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clea...
CVE-2008-3900 Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS...
CVE-2008-3901 Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication p...
CVE-2008-3902 HP firmware 68DTT F.0D stores pre-boot authentication passwords in the BIOS Keyboard buffer and does...
CVE-2008-3903 Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1.6.0.x before 1.6.0.8; Asteris...
CVE-2008-3904 src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows context-depend...
E
CVE-2008-3905 resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423...
E S
CVE-2008-3906 CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject ar...
E
CVE-2008-3907 The open-in-browser command in newsbeuter before 1.1 allows remote attackers to execute arbitrary co...
CVE-2008-3908 Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute...
S
CVE-2008-3909 The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST reque...
S
CVE-2008-3910 dns2tcp before 0.4.1 does not properly handle negative values in a certain length field in the input...
E
CVE-2008-3911 The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the len...
E
CVE-2008-3912 libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer derefere...
S
CVE-2008-3913 Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a ...
S
CVE-2008-3914 Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors re...
S
CVE-2008-3915 Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote at...
CVE-2008-3916 Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows con...
CVE-2008-3917 Cross-site scripting (XSS) vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to ...
CVE-2008-3918 SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbit...
CVE-2008-3919 Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execu...
CVE-2008-3920 Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack"...
CVE-2008-3921 Multiple cross-site scripting (XSS) vulnerabilities in AWStats Totals 1.0 through 1.14 allow remote ...
S
CVE-2008-3922 awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary co...
E S
CVE-2008-3923 Multiple cross-site scripting (XSS) vulnerabilities in statistics.php in Content Management Made Eas...
E
CVE-2008-3924 The "Make a backup" functionality in Content Management Made Easy (CMME) 1.12 stores sensitive infor...
E
CVE-2008-3925 Cross-site request forgery (CSRF) vulnerability in admin.php in Content Management Made Easy (CMME) ...
E
CVE-2008-3926 Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remot...
E
CVE-2008-3927 genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink att...
CVE-2008-3928 test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on ...
CVE-2008-3929 gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink at...
CVE-2008-3930 migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a syml...
CVE-2008-3931 javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on tempor...
CVE-2008-3932 Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (han...
S
CVE-2008-3933 Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (c...
S
CVE-2008-3934 Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to ...
S
CVE-2008-3935 Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and earlier and shop_v52 2.0 and earlie...
S
CVE-2008-3936 The web interface in Dreambox DM500C allows remote attackers to cause a denial of service (applicati...
E
CVE-2008-3937 Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6...
E
CVE-2008-3938 Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database ...
E
CVE-2008-3939 Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allow...
CVE-2008-3940 Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local ...
CVE-2008-3941 Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and earlier allows remote attackers to...
E
CVE-2008-3942 SQL injection vulnerability in landsee.php in Full PHP Emlak Script allows remote attackers to execu...
E
CVE-2008-3943 SQL injection vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers...
E
CVE-2008-3944 SQL injection vulnerability in index.php in ACG-PTP 1.0.6 allows remote attackers to execute arbitra...
E
CVE-2008-3945 SQL injection vulnerability in index.php in Words tag 1.2 allows remote attackers to execute arbitra...
E
CVE-2008-3946 The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files v...
CVE-2008-3947 DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line...
CVE-2008-3948 SQL injection vulnerability in admin/users/self-2.php in XRMS allows remote attackers to execute arb...
E
CVE-2008-3949 emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working...
CVE-2008-3950 Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit i...
S
CVE-2008-3951 SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent Zone (aka The Real Estate Script)...
E S
CVE-2008-3952 SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitra...
E
CVE-2008-3953 SQL injection vulnerability in keyword_search_action.php in Vastal I-Tech Shaadi Zone 1.0.9 allows r...
E
CVE-2008-3954 SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange allows remote att...
E
CVE-2008-3955 SQL injection vulnerability in index.php in Masir Camp E-Shop Module 3.0 and earlier allows remote a...
E
CVE-2008-3956 orgchart.exe in Microsoft Organization Chart 2.00 allows user-assisted attackers to cause a denial o...
E
CVE-2008-3957 The Microsoft Windows Image Acquisition Logger ActiveX control allows remote attackers to force the ...
E
CVE-2008-3958 IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (instance crash)...
CVE-2008-3959 IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attack...
S
CVE-2008-3960 Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fix...
CVE-2008-3961 Multiple unspecified vulnerabilities in Adobe Illustrator CS2 on Macintosh allow user-assisted attac...
CVE-2008-3962 The from_format function in ssmtp.c in ssmtp 2.61 and 2.62, in certain configurations, uses uninitia...
CVE-2008-3963 MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b s...
S
CVE-2008-3964 Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-...
E S
CVE-2008-3965 SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote att...
CVE-2008-3966 Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow...
E
CVE-2008-3967 moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not properly check for moderator priv...
CVE-2008-3968 Cross-site scripting (XSS) vulnerability in userlist.php in PunBB before 1.2.20 allows remote attack...
CVE-2008-3969 Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" a...
CVE-2008-3970 pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source owners...
CVE-2008-3971 Heap-based buffer overflow in the open_man_file function in callbacks.c in gmanedit 0.4.1 allows rem...
E
CVE-2008-3972 pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card'...
CVE-2008-3973 Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database allows local user...
CVE-2008-3974 Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allo...
CVE-2008-3975 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10...
CVE-2008-3976 Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10....
CVE-2008-3977 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10...
CVE-2008-3978 Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote ...
CVE-2008-3979 Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.2 a...
E
CVE-2008-3980 Unspecified vulnerability in the Upgrade component in Oracle Database 10.1.0.5 and 10.2.0.3 allows r...
CVE-2008-3981 Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.1 all...
CVE-2008-3982 Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, ...
CVE-2008-3983 Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, ...
CVE-2008-3984 Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, ...
CVE-2008-3985 Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business...
CVE-2008-3986 Unspecified vulnerability in the Oracle Discoverer Administrator component in Oracle Application Ser...
CVE-2008-3987 Unspecified vulnerability in the Oracle Discoverer Desktop component in Oracle Application Server 10...
CVE-2008-3988 Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and...
CVE-2008-3989 Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.3 allows rem...
CVE-2008-3990 Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10....
CVE-2008-3991 Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10....
S
CVE-2008-3992 Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.4 allows rem...
CVE-2008-3993 Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2008-3994 Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, ...
CVE-2008-3995 Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4...
CVE-2008-3996 Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4...
CVE-2008-3997 Unspecified vulnerability in the Oracle OLAP component in Oracle Database 10.1.0.5 and 10.2.0.3 allo...
CVE-2008-3998 Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows re...
CVE-2008-3999 Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.