| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2008-5000 | SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is ... | E | |
| CVE-2008-5001 | Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncview... | | |
| CVE-2008-5002 | Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dl... | E | |
| CVE-2008-5003 | SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary ... | E | |
| CVE-2008-5004 | SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attac... | E | |
| CVE-2008-5005 | Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007... | S | |
| CVE-2008-5006 | smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP ser... | | |
| CVE-2008-5007 | create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary f... | E | |
| CVE-2008-5008 | Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, whe... | | |
| CVE-2008-5009 | Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU ... | S | |
| CVE-2008-5010 | in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, all... | S | |
| CVE-2008-5011 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1 before 8.1.0.2 services ... | S | |
| CVE-2008-5012 | Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.1... | | |
| CVE-2008-5013 | Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the F... | | |
| CVE-2008-5014 | jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before ... | | |
| CVE-2008-5015 | Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the... | | |
| CVE-2008-5016 | The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonke... | | |
| CVE-2008-5017 | Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4,... | | |
| CVE-2008-5018 | The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird ... | | |
| CVE-2008-5019 | The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remot... | | |
| CVE-2008-5020 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0017. Reason: This candida... | R | |
| CVE-2008-5021 | nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.... | | |
| CVE-2008-5022 | The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.... | | |
| CVE-2008-5023 | Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote... | | |
| CVE-2008-5024 | Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and ... | E | |
| CVE-2008-5025 | Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kerne... | | |
| CVE-2008-5026 | Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files... | | |
| CVE-2008-5027 | The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authent... | S | |
| CVE-2008-5028 | Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor b... | S | |
| CVE-2008-5029 | The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes... | E S | |
| CVE-2008-5030 | Heap-based buffer overflow in the cddb_read_disc_data function in cddb.c in libcdaudio 0.99.12p2 all... | | |
| CVE-2008-5031 | Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers... | | |
| CVE-2008-5032 | Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assist... | E | |
| CVE-2008-5033 | The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.2... | S | |
| CVE-2008-5034 | master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink... | E | |
| CVE-2008-5035 | The Resource Monitoring and Control (RMC) daemon in IBM Hardware Management Console (HMC) 7 release ... | | |
| CVE-2008-5036 | Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assiste... | E | |
| CVE-2008-5037 | SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to ex... | E | |
| CVE-2008-5038 | Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 S... | S | |
| CVE-2008-5039 | Cross-site scripting (XSS) vulnerability in the League module for PHP-Nuke, possibly 2.4, allows rem... | E | |
| CVE-2008-5040 | Graphiks MyForum 1.3 allows remote attackers to bypass authentication and gain administrative access... | E | |
| CVE-2008-5041 | Sweex RO002 Router with firmware Ts03-072 has "rdc123" as its default password for the "rdc123" acco... | | |
| CVE-2008-5042 | Zeeways PhotoVideoTube 1.1 and earlier allows remote attackers to bypass authentication and perform ... | E | |
| CVE-2008-5043 | Multiple cross-site scripting (XSS) vulnerabilities in the web-based interface in IBM Metrica Servic... | E | |
| CVE-2008-5044 | Race condition in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of se... | E | |
| CVE-2008-5045 | Heap-based buffer overflow in Network-Client FTP Now 2.6, and possibly other versions, allows remote... | E | |
| CVE-2008-5046 | SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execu... | E | |
| CVE-2008-5047 | SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers t... | E | |
| CVE-2008-5048 | Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and earlier, and possibly 4.2.2, ... | | |
| CVE-2008-5049 | Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger Elite 3.3.0 and earlier, and po... | E | |
| CVE-2008-5050 | Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (Clam... | E S | |
| CVE-2008-5051 | SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attac... | E | |
| CVE-2008-5052 | The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, T... | | |
| CVE-2008-5053 | PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssread... | E | |
| CVE-2008-5054 | Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attacke... | E | |
| CVE-2008-5055 | SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58... | S | |
| CVE-2008-5056 | Cross-site scripting (XSS) vulnerability in department_offline_context.php in ActiveCampaign TrioLiv... | S | |
| CVE-2008-5057 | SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to exec... | E | |
| CVE-2008-5058 | SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers t... | E | |
| CVE-2008-5059 | Cross-site scripting (XSS) vulnerability in index.php in ModernBill 4.4 and earlier allows remote at... | E | |
| CVE-2008-5060 | Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 and earlier allow remote attack... | E | |
| CVE-2008-5061 | Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 all... | E | |
| CVE-2008-5062 | Directory traversal vulnerability in php/cal_pdf.php in Mini Web Calendar (mwcal) 1.2 allows remote ... | E | |
| CVE-2008-5063 | PHP remote file inclusion vulnerability in Admin/ADM_Pagina.php in OTManager 2.4 allows remote attac... | E | |
| CVE-2008-5064 | SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote attackers to execute arb... | E | |
| CVE-2008-5065 | TlGuestBook 1.2 allows remote attackers to bypass authentication and gain administrative access by s... | E | |
| CVE-2008-5066 | PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSit... | E | |
| CVE-2008-5067 | Cross-site scripting (XSS) vulnerability in search.php in Kmita Catalogue 2.x allows remote attacker... | E | |
| CVE-2008-5068 | Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery allow remote attackers to injec... | | |
| CVE-2008-5069 | SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled... | E | |
| CVE-2008-5070 | SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes_gpc is disabled, allows remot... | E | |
| CVE-2008-5071 | Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and earlier allow rem... | E | |
| CVE-2008-5072 | vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers to cause a denial of service ... | E | |
| CVE-2008-5073 | Heap-based buffer overflow in an ActiveX control in Novell ZENworks Desktop Management 6.5 allows re... | | |
| CVE-2008-5074 | SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 module for PHP-Fusion allows remo... | E | |
| CVE-2008-5075 | Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_g... | E | |
| CVE-2008-5076 | htop 0.7 writes process names to a terminal without sanitizing non-printable characters, which might... | E | |
| CVE-2008-5077 | OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal functio... | | |
| CVE-2008-5078 | Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst f... | | |
| CVE-2008-5079 | net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to ca... | | |
| CVE-2008-5080 | awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote... | | |
| CVE-2008-5081 | The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Av... | E | |
| CVE-2008-5082 | The verifyProof function in the Token Processing System (TPS) component in Red Hat Certificate Syste... | | |
| CVE-2008-5083 | In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private reso... | | |
| CVE-2008-5084 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2008-5085 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2008-5086 | Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which all... | S | |
| CVE-2008-5087 | SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0... | | |
| CVE-2008-5088 | Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remot... | E | |
| CVE-2008-5089 | Multiple insecure method vulnerabilities in the DDActiveReportsViewer2.ARViewer2 ActiveX control (ar... | | |
| CVE-2008-5090 | Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attackers to execute arbitrary PHP ... | E | |
| CVE-2008-5091 | Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allow... | | |
| CVE-2008-5092 | Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have u... | | |
| CVE-2008-5093 | Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory b... | | |
| CVE-2008-5094 | Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact... | | |
| CVE-2008-5095 | Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and... | | |
| CVE-2008-5096 | Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remo... | | |
| CVE-2008-5097 | SQL injection vulnerability in index.php in MyFWB 1.0 allows remote attackers to execute arbitrary S... | E | |
| CVE-2008-5098 | Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.2 and 6.3 allows remo... | S | |
| CVE-2008-5099 | Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through 1.0.3 displays the value of the Op... | S | |
| CVE-2008-5100 | The strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 relies on the digital sign... | E | |
| CVE-2008-5101 | Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute... | E S | |
| CVE-2008-5102 | PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authe... | S | |
| CVE-2008-5103 | The (1) python-vm-builder and (2) ubuntu-vm-builder implementations in VMBuilder 0.9 in Ubuntu 8.10 ... | E S | |
| CVE-2008-5104 | Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by (1) python-vm-buil... | E S | |
| CVE-2008-5105 | KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash o... | | |
| CVE-2008-5106 | Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of serv... | | |
| CVE-2008-5107 | The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging... | | |
| CVE-2008-5108 | Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context-dependent attackers to execute... | S | |
| CVE-2008-5109 | The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for... | S | |
| CVE-2008-5110 | syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intend... | | |
| CVE-2008-5111 | Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through sn... | S | |
| CVE-2008-5112 | The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 respon... | E | |
| CVE-2008-5113 | WordPress 2.6.3 relies on the REQUEST superglobal array in certain dangerous situations, which makes... | | |
| CVE-2008-5114 | Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 through ... | S | |
| CVE-2008-5115 | Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 through 6.0 ... | S | |
| CVE-2008-5116 | Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager... | E S | |
| CVE-2008-5117 | Open redirect vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 al... | S | |
| CVE-2008-5118 | Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to inject... | | |
| CVE-2008-5119 | Cross-site scripting (XSS) vulnerability in search.php in Scripts4Profit DXShopCart 4.30mc allows re... | | |
| CVE-2008-5120 | Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP Ope... | | |
| CVE-2008-5121 | dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used ... | E | |
| CVE-2008-5122 | SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earli... | E | |
| CVE-2008-5123 | SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbi... | E | |
| CVE-2008-5124 | JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to verify a new or mismatched SSH h... | | |
| CVE-2008-5125 | admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type c... | E | |
| CVE-2008-5126 | Cross-site scripting (XSS) vulnerability in search.php in BoutikOne CMS allows remote attackers to i... | E | |
| CVE-2008-5127 | Ocean12 Contact Manager Pro 1.02 stores sensitive information under the web root with insufficient a... | E | |
| CVE-2008-5128 | Ocean12 Membership Manager Pro stores sensitive information under the web root with insufficient acc... | E | |
| CVE-2008-5129 | Ocean12 Poll Manager Pro 1.00 stores sensitive information under the web root with insufficient acce... | E | |
| CVE-2008-5130 | Ocean12 Calendar Manager Gold 2.04 stores sensitive information under the web root with insufficient... | E | |
| CVE-2008-5131 | Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote a... | E | |
| CVE-2008-5132 | SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attacker... | E | |
| CVE-2008-5133 | ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server wit... | S | |
| CVE-2008-5134 | Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the liber... | | |
| CVE-2008-5135 | os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on ... | | |
| CVE-2008-5136 | tkusr in tkusr 0.82 allows local users to overwrite arbitrary files via a symlink attack on the /tmp... | | |
| CVE-2008-5137 | tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tm... | | |
| CVE-2008-5138 | passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack ... | | |
| CVE-2008-5139 | updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /... | | |
| CVE-2008-5140 | trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users t... | | |
| CVE-2008-5141 | flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink att... | | |
| CVE-2008-5142 | sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary fi... | | |
| CVE-2008-5143 | mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symli... | | |
| CVE-2008-5144 | nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary ... | | |
| CVE-2008-5145 | ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /t... | | |
| CVE-2008-5146 | add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink att... | E | |
| CVE-2008-5147 | test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via... | E | |
| CVE-2008-5148 | sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink... | E | |
| CVE-2008-5149 | fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink ... | E | |
| CVE-2008-5150 | sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink atta... | E | |
| CVE-2008-5151 | test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on... | E | |
| CVE-2008-5152 | inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack o... | E | |
| CVE-2008-5153 | spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink ... | E | |
| CVE-2008-5154 | bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack on t... | E | |
| CVE-2008-5155 | mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack... | E | |
| CVE-2008-5156 | si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a s... | E | |
| CVE-2008-5157 | tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefi... | E | |
| CVE-2008-5158 | Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authenticat... | | |
| CVE-2008-5159 | Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Tota... | | |
| CVE-2008-5160 | Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (d... | E | |
| CVE-2008-5161 | Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4... | | |
| CVE-2008-5162 | The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy sour... | | |
| CVE-2008-5163 | Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute ... | E | |
| CVE-2008-5164 | Multiple cross-site scripting (XSS) vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attacker... | E | |
| CVE-2008-5165 | Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary ... | E | |
| CVE-2008-5166 | SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execut... | E | |
| CVE-2008-5167 | PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, w... | E | |
| CVE-2008-5168 | SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to exe... | E | |
| CVE-2008-5169 | SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attac... | E | |
| CVE-2008-5170 | SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to ... | E | |
| CVE-2008-5171 | Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, wh... | E | |
| CVE-2008-5172 | Multiple cross-site scripting (XSS) vulnerabilities in Yazd Forum Software 3.x allow remote attacker... | | |
| CVE-2008-5173 | Unspecified vulnerability in testMaker before 3.0p16 allows remote authenticated users to execute ar... | S | |
| CVE-2008-5174 | SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to e... | E | |
| CVE-2008-5175 | Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 ... | E | |
| CVE-2008-5176 | Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.623 and earlier allow remote att... | E | |
| CVE-2008-5177 | Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attacke... | E | |
| CVE-2008-5178 | Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary cod... | E | |
| CVE-2008-5179 | Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and ... | | |
| CVE-2008-5180 | Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to c... | E | |
| CVE-2008-5181 | Microsoft Communicator allows remote attackers to cause a denial of service (application or device o... | | |
| CVE-2008-5182 | The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain priv... | | |
| CVE-2008-5183 | cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial... | E | |
| CVE-2008-5184 | The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not ... | E | |
| CVE-2008-5185 | The highlighting functionality in geshi.php in GeSHi before 1.0.8 allows remote attackers to cause a... | | |
| CVE-2008-5186 | The set_language_path function in geshi.php in Generic Syntax Highlighter (GeSHi) before 1.0.8.1 mig... | S | |
| CVE-2008-5187 | The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers ... | | |
| CVE-2008-5188 | The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.... | | |
| CVE-2008-5189 | CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitra... | S | |
| CVE-2008-5190 | SQL injection vulnerability in index.php in eSHOP100 allows remote attackers to execute arbitrary SQ... | E | |
| CVE-2008-5191 | Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary S... | E | |
| CVE-2008-5192 | SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to... | E | |
| CVE-2008-5193 | Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 Philboard 1.14 and 1.2 allows remot... | E | |
| CVE-2008-5194 | SQL injection vulnerability in checkavail.php in SoftVisions Software Online Booking Manager (obm) 2... | E | |
| CVE-2008-5195 | Multiple SQL injection vulnerabilities in SebracCMS (sbcms) 0.4 allow remote attackers to execute ar... | E | |
| CVE-2008-5196 | SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 and earlier module for PHP-Fu... | E | |
| CVE-2008-5197 | SQL injection vulnerability in classifieds.php in PHP-Fusion allows remote attackers to execute arbi... | E | |
| CVE-2008-5198 | SQL injection vulnerability in memberlist.php in Acmlmboard 1.A2 allows remote attackers to execute ... | E | |
| CVE-2008-5199 | PHP remote file inclusion vulnerability in include.php in PHPOutsourcing IdeaBox (aka IdeBox) 1.1 al... | E | |
| CVE-2008-5200 | SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attack... | E | |
| CVE-2008-5201 | Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to inclu... | E | |
| CVE-2008-5202 | Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote attackers t... | E | |
| CVE-2008-5203 | Cross-site scripting (XSS) vulnerability in external_vote.php in PowerAward 1.1.0 RC1 allows remote ... | E | |
| CVE-2008-5204 | Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, when register_globals is enabl... | E | |
| CVE-2008-5205 | Cross-site scripting (XSS) vulnerability in edit.php in wellyblog allows remote attackers to inject ... | | |
| CVE-2008-5206 | PHP remote file inclusion vulnerability in modules/mod_mainmenu.php in MosXML 1 Alpha allows remote ... | E | |
| CVE-2008-5207 | Multiple directory traversal vulnerabilities in Jonascms 1.2 allow remote attackers to include and e... | E | |
| CVE-2008-5208 | SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for... | E | |
| CVE-2008-5209 | Directory traversal vulnerability in modules/download/get_file.php in Admidio 1.4.8 allows remote at... | E S | |
| CVE-2008-5210 | Multiple PHP remote file inclusion vulnerabilities in PhpBlock A8.5 allow remote attackers to execut... | E | |
| CVE-2008-5211 | Cross-site scripting (XSS) vulnerability in search.php in Sphider 1.3.4, when the search suggestion ... | E | |
| CVE-2008-5212 | SQL injection vulnerability in classifide_ad.php in AJ Auction 6.2.1 and earlier allows remote attac... | E | |
| CVE-2008-5213 | SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote attackers to exe... | E | |
| CVE-2008-5214 | Cross-site scripting (XSS) vulnerability in service/calendrier.php in ClanLite 2.2006.05.20 allows r... | E | |
| CVE-2008-5215 | SQL injection vulnerability in service/profil.php in ClanLite 2.2006.05.20 allows remote attackers t... | E | |
| CVE-2008-5216 | SQL injection vulnerability in category_list.php in AJ Square ZeusCart 2.0 and earlier allows remote... | E | |
| CVE-2008-5217 | Directory traversal vulnerability in index.php in txtCMS 0.3, when register_globals is enabled and m... | E | |
| CVE-2008-5218 | ScriptsEz FREEze Greetings 1.0 stores pwd.txt under the web root with insufficient access control, w... | E | |
| CVE-2008-5219 | The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and earlier does not check for ad... | E | |
| CVE-2008-5220 | Unrestricted file upload vulnerability in admin/upload_form.php in wPortfolio 0.3 and earlier allows... | E | |
| CVE-2008-5221 | The account_save action in admin/userinfo.php in wPortfolio 0.3 and earlier does not require authent... | E | |
| CVE-2008-5222 | SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote attackers to execute arbitrary... | E | |
| CVE-2008-5223 | SQL injection vulnerability in index.php in Airvae Commerce 3.0 allows remote attackers to execute a... | E | |
| CVE-2008-5224 | Cross-site scripting (XSS) vulnerability in Kent Web Mart 1.61 and earlier allows remote attackers t... | | |
| CVE-2008-5225 | Multiple cross-site scripting (XSS) vulnerabilities in Xerox DocuShare 6 and earlier allow remote at... | | |
| CVE-2008-5226 | SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mamb... | E | |
| CVE-2008-5227 | Unspecified vulnerability in PHPCow allows remote attackers to execute arbitrary code via unknown ve... | | |
| CVE-2008-5228 | Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1 befo... | S | |
| CVE-2008-5229 | Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vist... | E | |
| CVE-2008-5230 | The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other ve... | E | |
| CVE-2008-5231 | Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ien... | | |
| CVE-2008-5232 | Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control i... | E | |
| CVE-2008-5233 | xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumsta... | | |
| CVE-2008-5234 | Multiple heap-based buffer overflows in xine-lib 1.1.12, and other versions before 1.1.15, allow rem... | S | |
| CVE-2008-5235 | Heap-based buffer overflow in the demux_real_send_chunk function in src/demuxers/demux_real.c in xin... | | |
| CVE-2008-5236 | Multiple heap-based buffer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allo... | | |
| CVE-2008-5237 | Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote a... | | |
| CVE-2008-5238 | Integer overflow in the real_parse_mdpr function in demux_real.c in xine-lib 1.1.12, and other versi... | | |
| CVE-2008-5239 | xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not properly handle (a) negative and (b... | S | |
| CVE-2008-5240 | xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determ... | S | |
| CVE-2008-5241 | Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows re... | S | |
| CVE-2008-5242 | demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count fi... | S | |
| CVE-2008-5243 | The real_parse_headers function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and earlier ver... | | |
| CVE-2008-5244 | Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact and attack vectors related to... | | |
| CVE-2008-5245 | xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required lengt... | | |
| CVE-2008-5246 | Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arb... | | |
| CVE-2008-5247 | The real_parse_audio_specific_data function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and... | | |
| CVE-2008-5248 | xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via "MP3 files w... | | |
| CVE-2008-5249 | Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through 1.13.2 allows remote attackers ... | S | |
| CVE-2008-5250 | Cross-site scripting (XSS) vulnerability in MediaWiki before 1.6.11, 1.12.x before 1.12.2, and 1.13.... | S | |
| CVE-2008-5252 | Cross-site request forgery (CSRF) vulnerability in the Special:Import feature in MediaWiki 1.3.0 thr... | S | |
| CVE-2008-5256 | The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local u... | S | |
| CVE-2008-5257 | webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to ... | S | |
| CVE-2008-5259 | Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote at... | | |
| CVE-2008-5260 | Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS ... | | |
| CVE-2008-5262 | Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL ... | | |
| CVE-2008-5263 | Multiple stack-based buffer overflows in the mt_codec::getHdrHead function in kernel/kls_hdr/fmt_cod... | | |
| CVE-2008-5264 | Cross-site scripting (XSS) vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 a... | | |
| CVE-2008-5265 | Directory traversal vulnerability in index.php in TNT Forum 0.9.4, when magic_quotes_gpc is disabled... | E | |
| CVE-2008-5266 | Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR... | | |
| CVE-2008-5267 | SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allow... | E | |
| CVE-2008-5268 | SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to exec... | E | |
| CVE-2008-5269 | SQL injection vulnerability in index.php in pSys 0.7.0 alpha allows remote attackers to execute arbi... | E | |
| CVE-2008-5270 | SQL injection vulnerability in view.topics.php in Yuhhu Superstar 2008 allows remote attackers to ex... | E | |
| CVE-2008-5271 | Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote... | E | |
| CVE-2008-5272 | Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authentic... | E | |
| CVE-2008-5273 | SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News Management 2.2 allows remote at... | E | |
| CVE-2008-5274 | Todd Woolums ASP News Management 2.2 allows remote attackers to obtain news items via a direct reque... | | |
| CVE-2008-5275 | Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and ar... | | |
| CVE-2008-5276 | Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC ... | E | |
| CVE-2008-5277 | PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a C... | | |
| CVE-2008-5278 | Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-... | E S | |
| CVE-2008-5279 | The Local ZIM Server (zcs.exe) in Zilab Chat and Instant Messaging (ZIM) Server 2.1 and earlier allo... | E | |
| CVE-2008-5280 | The Local ZIM Server in Zilab Chat and Instant Messaging (ZIM) Server 2.0 and 2.1 allows remote atta... | E | |
| CVE-2008-5281 | Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arb... | E | |
| CVE-2008-5282 | Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to exec... | E | |
| CVE-2008-5283 | Google Hack Honeypot (GHH) File Upload Manager 1.3 allows remote attackers to delete uploaded files ... | E | |
| CVE-2008-5284 | The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald... | E | |
| CVE-2008-5285 | Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP req... | S | |
| CVE-2008-5286 | Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attack... | S | |
| CVE-2008-5287 | SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ Manager 1.2 allows remote attac... | E | |
| CVE-2008-5288 | PHP remote file inclusion vulnerability in include/header.php in Werner Hilversum FAQ Manager 1.2, w... | E | |
| CVE-2008-5289 | SQL injection vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attacker... | E | |
| CVE-2008-5290 | Cross-site scripting (XSS) vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows re... | E | |
| CVE-2008-5291 | Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 allows remote attackers to inc... | E | |
| CVE-2008-5292 | SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote attackers to execute a... | E | |
| CVE-2008-5293 | SQL injection vulnerability in index.php in WebStudio eHotel allows remote attackers to execute arbi... | E | |
| CVE-2008-5294 | SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute ... | E | |
| CVE-2008-5295 | SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 allows remote attackers to execut... | E | |
| CVE-2008-5296 | Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when register_globals is enabled, allows remote ... | S | |
| CVE-2008-5297 | Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code ... | E | |
| CVE-2008-5298 | chm2pdf 0.9 uses temporary files in directories with fixed names, which allows local users to cause ... | | |
| CVE-2008-5299 | chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm ... | | |
| CVE-2008-5300 | Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss)... | | |
| CVE-2008-5301 | Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 ... | S | |
| CVE-2008-5302 | Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 a... | E | |
| CVE-2008-5303 | Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows loc... | E | |
| CVE-2008-5304 | Cross-site scripting (XSS) vulnerability in TWiki before 4.2.4 allows remote attackers to inject arb... | E S | |
| CVE-2008-5305 | Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl... | | |
| CVE-2008-5306 | SQL injection vulnerability in admin/index.php in PG Real Estate Solution allows remote attackers to... | E | |
| CVE-2008-5307 | SQL injection vulnerability in admin/index.php in PG Roommate Finder Solution allows remote attacker... | E | |
| CVE-2008-5308 | The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly restrict access to administra... | E | |
| CVE-2008-5309 | SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 allows remote attackers to execut... | E | |
| CVE-2008-5310 | SQL injection vulnerability in image.php in NetArt Media Car Portal 2.0 allows remote attackers to e... | E | |
| CVE-2008-5311 | SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to ... | E | |
| CVE-2008-5312 | mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitra... | | |
| CVE-2008-5313 | mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrar... | | |
| CVE-2008-5314 | Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attacke... | E | |
| CVE-2008-5315 | Directory traversal vulnerability in the web interface in Apple iPhone Configuration Web Utility 1.0... | | |
| CVE-2008-5316 | Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka ... | E S | |
| CVE-2008-5317 | Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine ... | S | |
| CVE-2008-5318 | Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact and attack vectors related to "s... | S | |
| CVE-2008-5319 | Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact and attack vectors related to ti... | | |
| CVE-2008-5320 | SQL injection vulnerability in usersettings.php in e107 0.7.13 and earlier allows remote authenticat... | E | |
| CVE-2008-5321 | SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers t... | E | |
| CVE-2008-5322 | Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parame... | E | |
| CVE-2008-5323 | Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers t... | E | |
| CVE-2008-5324 | Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM Rational ClearQuest 2007 before... | | |
| CVE-2008-5325 | Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM Rational ClearQuest 7.0.0 befor... | | |
| CVE-2008-5326 | The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0... | S | |
| CVE-2008-5327 | The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password... | | |
| CVE-2008-5328 | The ClearQuest Maintenance Tool in IBM Rational ClearQuest before 7 stores the database password in ... | | |
| CVE-2008-5329 | ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows remote servers to direct a cli... | | |
| CVE-2008-5330 | Multiple cross-site scripting (XSS) vulnerabilities in the web interface in ClearCase RWP server in ... | | |
| CVE-2008-5331 | Adobe Acrobat 9 uses more efficient encryption than previous versions, which makes it easier for att... | | |
| CVE-2008-5332 | Multiple PHP remote file inclusion vulnerabilities in Pie 0.5.3 allow remote attackers to execute ar... | E | |
| CVE-2008-5333 | SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote attackers to execute ar... | E | |
| CVE-2008-5334 | PHP remote file inclusion vulnerability in includes/common.php in NitroTech 0.0.3a allows remote att... | E | |
| CVE-2008-5335 | SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1, when magic_quotes_gpc ... | E S | |
| CVE-2008-5336 | SQL injection vulnerability in index.php in WebStudio CMS allows remote attackers to execute arbitra... | E | |
| CVE-2008-5337 | SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows rem... | E | |
| CVE-2008-5338 | Cross-site scripting (XSS) vulnerability in info.php in Bandwebsite (aka Bandsite portal system) 1.5... | E | |
| CVE-2008-5339 | Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 ... | S | |
| CVE-2008-5340 | Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 ... | S | |
| CVE-2008-5341 | Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 ... | S | |
| CVE-2008-5342 | Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK... | S | |
| CVE-2008-5343 | Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 ... | S | |
| CVE-2008-5344 | Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 ... | S | |
| CVE-2008-5345 | Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and ear... | | |
| CVE-2008-5346 | Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and ea... | S | |
| CVE-2008-5347 | Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update ... | S | |
| CVE-2008-5348 | Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earl... | S | |
| CVE-2008-5349 | Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earl... | S | |
| CVE-2008-5350 | Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earl... | S | |
| CVE-2008-5351 | Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1... | S | |
| CVE-2008-5352 | Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java... | S | |
| CVE-2008-5353 | The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Upda... | S | |
| CVE-2008-5354 | Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ea... | S | |
| CVE-2008-5355 | The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ear... | S | |
| CVE-2008-5356 | Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ear... | S | |
| CVE-2008-5357 | Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK ... | S | |
| CVE-2008-5358 | Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attack... | S | |
| CVE-2008-5359 | Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK a... | S | |
| CVE-2008-5360 | Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1... | S | |
| CVE-2008-5361 | The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.1... | S | |
| CVE-2008-5362 | The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x befor... | S | |
| CVE-2008-5363 | The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.1... | S | |
| CVE-2008-5364 | Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems ge... | | |
| CVE-2008-5365 | SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ActiveVotes 2.2 allows remote a... | E | |
| CVE-2008-5366 | The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary fi... | | |
| CVE-2008-5367 | ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a... | | |
| CVE-2008-5368 | muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on... | | |
| CVE-2008-5369 | noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tm... | | |
| CVE-2008-5370 | pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink... | | |
| CVE-2008-5371 | screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on ... | | |
| CVE-2008-5372 | sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attac... | | |
| CVE-2008-5373 | mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files vi... | | |
| CVE-2008-5374 | bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.... | | |
| CVE-2008-5375 | cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink atta... | | |
| CVE-2008-5376 | editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /t... | | |
| CVE-2008-5377 | pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /t... | E | |
| CVE-2008-5378 | arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack ... | | |
| CVE-2008-5379 | netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack on ... | | |
| CVE-2008-5380 | gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink a... | | |
| CVE-2008-5381 | Buffer overflow in the URL processing in ffdshow (aka ffdshow-tryout) before SVN revision 2347 allow... | | |
| CVE-2008-5382 | Cross-site request forgery (CSRF) vulnerability in I-O DATA DEVICE HDL-F160, HDL-F250, HDL-F300, and... | | |
| CVE-2008-5383 | Stack-based buffer overflow in National Instruments Electronics Workbench allows user-assisted attac... | E | |
| CVE-2008-5384 | crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cro... | S | |
| CVE-2008-5385 | enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print queue is defined in /etc/qconfi... | S | |
| CVE-2008-5386 | Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows loca... | S | |
| CVE-2008-5387 | Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabl... | S | |
| CVE-2008-5388 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5389 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5390 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5391 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5392 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5393 | UPR-Kernel in Ubuntu Privacy Remix (UPR) before 8.04_r1 includes kernel support for mounting RAID ar... | S | |
| CVE-2008-5394 | /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows lo... | E | |
| CVE-2008-5395 | The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 o... | | |
| CVE-2008-5396 | Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and ... | | |
| CVE-2008-5397 | Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, whic... | S | |
| CVE-2008-5398 | Tor before 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration opt... | S | |
| CVE-2008-5399 | Cross-site scripting (XSS) vulnerability in the listonlineusers (aka "Who's online") component in mv... | | |
| CVE-2008-5400 | Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum before 1.2.1 GA allow remote ... | | |
| CVE-2008-5401 | Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows r... | | |
| CVE-2008-5402 | Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to e... | | |
| CVE-2008-5403 | Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows re... | | |
| CVE-2008-5404 | Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCe... | | |
| CVE-2008-5405 | Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, a... | E | |
| CVE-2008-5406 | Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attack... | E | |
| CVE-2008-5407 | Multiple unspecified vulnerabilities in the Backup Exec remote-agent logon process in Symantec Backu... | S | |
| CVE-2008-5408 | Buffer overflow in the data management protocol in Symantec Backup Exec for Windows Servers 11.0 (ak... | S | |
| CVE-2008-5409 | Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Sta... | E | |
| CVE-2008-5410 | The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 does not maintain reference c... | S | |
| CVE-2008-5411 | IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL traffic over "unsecured TCP," whic... | S | |
| CVE-2008-5412 | Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has ... | S | |
| CVE-2008-5413 | PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 befor... | S | |
| CVE-2008-5414 | Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security componen... | S | |
| CVE-2008-5415 | The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote... | S | |
| CVE-2008-5416 | Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL ... | E | |
| CVE-2008-5417 | HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions fo... | | |
| CVE-2008-5418 | Directory traversal vulnerability in login.php in the PunPortal module before 2.0 for PunBB allows r... | E | |
| CVE-2008-5419 | Stack-based buffer overflow in SAN Manager Master Agent service (aka msragent.exe) in EMC Control Ce... | | |
| CVE-2008-5420 | The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not pr... | | |
| CVE-2008-5421 | The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cau... | E | |
| CVE-2008-5422 | Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote a... | S | |
| CVE-2008-5423 | Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP pa... | S | |
| CVE-2008-5424 | The MimeOleClearDirtyTree function in InetComm.dll in Microsoft Outlook Express 6.00.2900.5512 does ... | E | |
| CVE-2008-5425 | ESet NOD32 2.70.0039.0000 does not properly handle (1) multipart/mixed e-mail messages with many MIM... | E | |
| CVE-2008-5426 | Kaspersky Internet Security Suite 2009 does not properly handle (1) multipart/mixed e-mail messages ... | E | |
| CVE-2008-5427 | Norton Antivirus in Norton Internet Security 15.5.0.23 does not properly handle (1) multipart/mixed ... | E | |
| CVE-2008-5428 | Opera 9.51 on Windows XP does not properly handle (1) multipart/mixed e-mail messages with many MIME... | E | |
| CVE-2008-5429 | Incredimail build 5853710 does not properly handle (1) multipart/mixed e-mail messages with many MIM... | E | |
| CVE-2008-5430 | Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MI... | | |
| CVE-2008-5431 | Teamtek Universal FTP Server 1.0.44 allows remote attackers to cause a denial of service via (1) a c... | | |
| CVE-2008-5432 | Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7,... | | |
| CVE-2008-5433 | Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and 1.3.1 allows remote attackers... | | |
| CVE-2008-5434 | Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrat... | | |
| CVE-2008-5435 | Cross-site scripting (XSS) vulnerability in moderate.php in PunBB before 1.3.1 allows remote attacke... | | |
| CVE-2008-5436 | Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0... | | |
| CVE-2008-5437 | Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5... | | |
| CVE-2008-5438 | Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 1... | | |
| CVE-2008-5439 | Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database 10.2.0.4 allows r... | | |
| CVE-2008-5440 | Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows ... | | |
| CVE-2008-5441 | Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 all... | | |
| CVE-2008-5442 | Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 all... | | |
| CVE-2008-5443 | Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 all... | | |
| CVE-2008-5444 | Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 all... | | |
| CVE-2008-5445 | Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 all... | | |
| CVE-2008-5446 | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ... | E | |
| CVE-2008-5447 | Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Enterprise Manager 10... | | |
| CVE-2008-5448 | Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 all... | | |
| CVE-2008-5449 | Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 all... | | |
| CVE-2008-5450 | Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Busi... | | |
| CVE-2008-5451 | Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD E... | | |
| CVE-2008-5452 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterpris... | | |
| CVE-2008-5453 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5454 | Unspecified vulnerability in the iProcurement component in Oracle E-Business Suite 11.5.10 CU2 and 1... | | |
| CVE-2008-5455 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ePerformance component in Oracle Peopl... | | |
| CVE-2008-5456 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterpris... | | |
| CVE-2008-5457 | Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web serv... | | |
| CVE-2008-5458 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | | |
| CVE-2008-5459 | Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote a... | | |
| CVE-2008-5460 | Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 ... | | |
| CVE-2008-5461 | Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 ... | | |
| CVE-2008-5462 | Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 10.3, 10.2, 10.0 MP1... | | |
| CVE-2008-5463 | Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSo... | | |
| CVE-2008-5464 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5465 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5466 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5467 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5468 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5469 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5470 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5471 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5472 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5473 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5474 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5475 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5476 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5477 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5478 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5479 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5480 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5481 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5482 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5483 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5484 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5485 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2008-5486 | SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to ... | E | |
| CVE-2008-5487 | Cross-site scripting (XSS) vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote ... | E | |
| CVE-2008-5488 | SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execut... | E | |
| CVE-2008-5489 | SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows ... | E | |
| CVE-2008-5490 | SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execut... | E | |
| CVE-2008-5491 | SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier allows remote attackers to exec... | E | |
| CVE-2008-5492 | Heap-based buffer overflow in the PDFVIEW.PdfviewCtrl.1 ActiveX control in pdfview.ocx 2.0.0.1 in Ve... | E | |
| CVE-2008-5493 | SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attack... | E | |
| CVE-2008-5494 | SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Jo... | E | |
| CVE-2008-5495 | Unspecified vulnerability in the GungHo LoadPrgAx ActiveX control 1.0.0.6 and earlier allows remote ... | | |
| CVE-2008-5496 | SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remot... | E | |
| CVE-2008-5497 | BandSite CMS 1.1.4 allows remote attackers to bypass authentication and gain administrative access b... | E | |
| CVE-2008-5498 | Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent atta... | E | |
| CVE-2008-5499 | Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, all... | S | |
| CVE-2008-5500 | The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x befor... | | |
| CVE-2008-5501 | The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonke... | | |
| CVE-2008-5502 | The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonke... | | |
| CVE-2008-5503 | The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.... | | |
| CVE-2008-5504 | Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome ... | | |
| CVE-2008-5505 | Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by ... | | |
| CVE-2008-5506 | Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMo... | | |
| CVE-2008-5507 | Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMo... | | |
| CVE-2008-5508 | Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMo... | | |
| CVE-2008-5509 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs:CVE-2008-5508. Reason: This candidate ... | R | |
| CVE-2008-5510 | The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2... | | |
| CVE-2008-5511 | Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMo... | | |
| CVE-2008-5512 | Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Th... | | |
| CVE-2008-5513 | Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x... | | |
| CVE-2008-5514 | Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University o... | | |
| CVE-2008-5515 | Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier... | S | |
| CVE-2008-5516 | The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary co... | | |
| CVE-2008-5517 | The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary co... | S | |
| CVE-2008-5518 | Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Ap... | E S | |
| CVE-2008-5519 | The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtai... | E | |
| CVE-2008-5520 | AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer 6 or 7 is used, allows remote... | | |
| CVE-2008-5521 | Avira AntiVir 7.9.0.36 and possibly 7.8.1.28, when Internet Explorer 6 or 7 is used, allows remote a... | | |
| CVE-2008-5522 | AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d... | | |
| CVE-2008-5523 | avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypas... | | |
| CVE-2008-5524 | CAT-QuickHeal 10.00 and possibly 9.50, when Internet Explorer 6 or 7 is used, allows remote attacker... | | |
| CVE-2008-5525 | ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to... | | |
| CVE-2008-5526 | DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, allows remote attackers to byp... | | |
| CVE-2008-5527 | ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detect... | | |
| CVE-2008-5528 | Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass det... | | |
| CVE-2008-5529 | CA eTrust Antivirus 31.6.6086, when Internet Explorer 6 or 7 is used, allows remote attackers to byp... | | |
| CVE-2008-5530 | Ewido Security Suite 4.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d... | | |
| CVE-2008-5531 | Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypa... | | |
| CVE-2008-5532 | Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when Internet Explorer 6 or 7 is used, ... | | |
| CVE-2008-5533 | K7AntiVirus 7.10.541 and possibly 7.10.454, when Internet Explorer 6 or 7 is used, allows remote att... | | |
| CVE-2008-5534 | ESET NOD32 Antivirus 3662 and possibly 3440, when Internet Explorer 6 or 7 is used, allows remote at... | | |
| CVE-2008-5535 | Norman Antivirus 5.80.02, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d... | | |
| CVE-2008-5536 | Panda Antivirus 9.0.0.4, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass de... | | |
| CVE-2008-5537 | PC Tools AntiVirus 4.4.2.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass... | | |
| CVE-2008-5538 | Prevx Prevx1 2, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection o... | | |
| CVE-2008-5539 | RISING Antivirus 21.06.31.00 and possibly 20.61.42.00, when Internet Explorer 6 or 7 is used, allows... | | |
| CVE-2008-5540 | Secure Computing Secure Web Gateway (aka Webwasher), when Internet Explorer 6 or 7 is used, allows r... | | |
| CVE-2008-5541 | Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d... | | |
| CVE-2008-5542 | Sunbelt VIPRE 3.1.1832.2 and possibly 3.1.1633.1, when Internet Explorer 6 or 7 is used, allows remo... | | |
| CVE-2008-5543 | Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypas... | | |
| CVE-2008-5544 | Hacksoft The Hacker 6.3.1.2.174 and possibly 6.3.0.9.081, when Internet Explorer 6 or 7 is used, all... | | |
| CVE-2008-5545 | Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet Explorer 6 or 7 is used, allo... | | |
| CVE-2008-5546 | VirusBlokAda VBA32 3.12.8.5, when Internet Explorer 6 or 7 is used, allows remote attackers to bypas... | | |
| CVE-2008-5547 | HAURI ViRobot 2008.12.4.1499 and possibly 2008.9.12.1375, when Internet Explorer 6 or 7 is used, all... | | |
| CVE-2008-5548 | VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detec... | | |
| CVE-2008-5549 | Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.... | S | |
| CVE-2008-5550 | Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 ... | S | |
| CVE-2008-5551 | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS p... | E | |
| CVE-2008-5552 | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS p... | | |
| CVE-2008-5553 | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 disables itself upon encountering a certain... | | |
| CVE-2008-5554 | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not properly handle some HTTP headers ... | | |
| CVE-2008-5555 | Microsoft Internet Explorer 8.0 Beta 2 relies on the XDomainRequestAllowed HTTP header to authorize ... | | |
| CVE-2008-5556 | The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not recognize attack patterns designed... | | |
| CVE-2008-5557 | Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extens... | E | |
| CVE-2008-5558 | Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when real... | | |
| CVE-2008-5559 | SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitra... | E | |
| CVE-2008-5560 | PostEcards stores sensitive information under the web root with insufficient access control, which a... | E | |
| CVE-2008-5561 | SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands ... | E | |
| CVE-2008-5562 | ASPPortal stores sensitive information under the web root with insufficient access control, which al... | E | |
| CVE-2008-5563 | Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote atta... | | |
| CVE-2008-5564 | Unspecified vulnerability in the media server in Orb Networks Orb before 2.01.0025 allows remote att... | | |
| CVE-2008-5565 | Cross-site request forgery (CSRF) vulnerability in admin/settings.php in DL PayCart 1.34 and earlier... | E | |
| CVE-2008-5566 | Cross-site scripting (XSS) vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters... | E | |
| CVE-2008-5567 | Cross-site request forgery (CSRF) vulnerability in admin/ad_settings.php in Bonza Cart 1.10 and earl... | E | |
| CVE-2008-5568 | Cross-site request forgery (CSRF) vulnerability in admin/settings.php in IPN Pro 3 1.44 and earlier ... | E | |
| CVE-2008-5569 | Multiple cross-site scripting (XSS) vulnerabilities in PHPepperShop 1.4 allow remote attackers to in... | E | |
| CVE-2008-5570 | Directory traversal vulnerability in index.php in PHP Multiple Newsletters 2.7, when magic_quotes_gp... | E | |
| CVE-2008-5571 | SQL injection vulnerability in admin/login.asp in Professional Download Assistant 0.1 allows remote ... | E | |
| CVE-2008-5572 | Professional Download Assistant 0.1 stores sensitive information under the web root with insufficien... | E | |
| CVE-2008-5573 | SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute ... | E | |
| CVE-2008-5574 | SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execut... | E | |
| CVE-2008-5575 | Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier allows remote attackers to hija... | | |
| CVE-2008-5576 | admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authenticat... | E | |
| CVE-2008-5577 | PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows re... | E | |
| CVE-2008-5578 | Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remo... | E | |
| CVE-2008-5579 | Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remot... | E | |
| CVE-2008-5580 | mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to execute arbitrary commands... | E | |
| CVE-2008-5581 | PHP remote file inclusion vulnerability in mini-pub.php/front-end/img.php in mini-pub 0.3 allows rem... | E | |
| CVE-2008-5582 | SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows re... | E | |
| CVE-2008-5583 | Cross-site request forgery (CSRF) vulnerability in index.php in ProjectPier 0.8 and earlier allows r... | E S | |
| CVE-2008-5584 | Multiple cross-site scripting (XSS) vulnerabilities in ProjectPier 0.8 and earlier allow remote atta... | S | |
| CVE-2008-5585 | Multiple PHP remote file inclusion vulnerabilities in lcxBBportal 0.1 Alpha 2 allow remote attackers... | E | |
| CVE-2008-5586 | SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when ... | E | |
| CVE-2008-5587 | Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when reg... | E | |
| CVE-2008-5588 | SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute ... | E | |
| CVE-2008-5589 | SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to ex... | E | |
| CVE-2008-5590 | SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0... | E | |
| CVE-2008-5591 | Cross-site scripting (XSS) vulnerability in login.asp in Nightfall Personal Diary 1.0 allows remote ... | E | |
| CVE-2008-5592 | Nightfall Personal Diary 1.0 stores sensitive information under the web root with insufficient acces... | E | |
| CVE-2008-5593 | Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote attackers t... | E | |
| CVE-2008-5594 | Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers ... | E | |
| CVE-2008-5595 | SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbit... | E | |
| CVE-2008-5596 | Ikon AdManager 2.1 and earlier stores sensitive information under the web root with insufficient acc... | E | |
| CVE-2008-5597 | Cold BBS stores sensitive information under the web root with insufficient access control, which all... | E | |
| CVE-2008-5598 | Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to ... | E | |
| CVE-2008-5599 | SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to exec... | E | |
| CVE-2008-5600 | Merlix Teamworx Server stores sensitive information under the web root with insufficient access cont... | E | |
| CVE-2008-5601 | User Engine Lite ASP stores sensitive information under the web root with insufficient access contro... | E | |
| CVE-2008-5602 | Natterchat 1.12 stores sensitive information under the web root with insufficient access control, wh... | E | |
| CVE-2008-5603 | ASPTicker 1.0 stores sensitive information under the web root with insufficient access control, whic... | E | |
| CVE-2008-5604 | Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc... | E | |
| CVE-2008-5605 | Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL... | E | |
| CVE-2008-5606 | Gazatem QMail Mailing List Manager 1.2 stores sensitive information under the web root with insuffic... | E | |
| CVE-2008-5607 | SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows ... | E | |
| CVE-2008-5608 | ASP AutoDealer stores sensitive information under the web root with insufficient access control, whi... | E | |
| CVE-2008-5609 | SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote atta... | | |
| CVE-2008-5616 | Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 ... | | |
| CVE-2008-5617 | The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender direct... | S | |
| CVE-2008-5618 | imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a messa... | | |
| CVE-2008-5619 | html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Web... | E | |
| CVE-2008-5620 | RoundCube Webmail (roundcubemail) before 0.2-beta allows remote attackers to cause a denial of servi... | S | |
| CVE-2008-5621 | Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before ... | E S | |
| CVE-2008-5622 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5621. Reason: This candida... | R | |
| CVE-2008-5624 | PHP 5 before 5.2.7 does not properly initialize the page_uid and page_gid global variables for use b... | E | |
| CVE-2008-5625 | PHP 5 before 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled t... | E | |
| CVE-2008-5626 | XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via... | E | |
| CVE-2008-5627 | SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbi... | E | |
| CVE-2008-5628 | SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote attackers to execute arbi... | E | |
| CVE-2008-5629 | SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute... | E | |
| CVE-2008-5630 | SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote a... | E | |
| CVE-2008-5631 | SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute a... | E | |
| CVE-2008-5632 | SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to exe... | E | |
| CVE-2008-5633 | SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute ar... | E | |
| CVE-2008-5634 | SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to exe... | E | |
| CVE-2008-5635 | SQL injection vulnerability in account.asp in Active Membership 2.0 allows remote attackers to execu... | E | |
| CVE-2008-5636 | SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows ... | E | |
| CVE-2008-5637 | SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbit... | E | |
| CVE-2008-5638 | Multiple SQL injection vulnerabilities in Active Price Comparison 4 allow remote attackers to execut... | E | |
| CVE-2008-5639 | Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha allows remote attackers to read ... | E | |
| CVE-2008-5640 | SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute ... | E | |
| CVE-2008-5641 | SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to ex... | E | |
| CVE-2008-5642 | Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attacker... | E | |
| CVE-2008-5643 | SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers t... | E | |
| CVE-2008-5644 | Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote att... | | |
| CVE-2008-5645 | Directory traversal vulnerability in the media server in Orb Networks Orb before 2.01.0022 allows re... | E S | |
| CVE-2008-5646 | Unspecified vulnerability in Trac before 0.11.2 allows attackers to cause a denial of service via un... | | |
| CVE-2008-5647 | Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to con... | | |
| CVE-2008-5648 | SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers ... | E | |
| CVE-2008-5649 | SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote a... | E | |
| CVE-2008-5650 | SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote at... | E | |
| CVE-2008-5651 | SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker ... | E | |
| CVE-2008-5652 | SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 all... | E | |
| CVE-2008-5653 | SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft AjaxPortal 3.0 allows ... | E | |
| CVE-2008-5654 | SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allow... | E | |
| CVE-2008-5655 | Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to exec... | | |
| CVE-2008-5656 | Cross-site scripting (XSS) vulnerability in the frontend plugin for the felogin system extension in ... | | |
| CVE-2008-5657 | CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC mes... | S | |
| CVE-2008-5658 | Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier all... | E | |
| CVE-2008-5659 | The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed ba... | | |
| CVE-2008-5660 | Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagr... | E | |
| CVE-2008-5661 | The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain pa... | S | |
| CVE-2008-5662 | Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and earlier allow downlo... | S | |
| CVE-2008-5663 | Multiple unrestricted file upload vulnerabilities in Kusaba 1.0.4 and earlier allow remote authentic... | E | |
| CVE-2008-5664 | Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.... | E | |
| CVE-2008-5665 | SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to e... | E | |
| CVE-2008-5666 | WinFTP FTP Server 2.3.0, when passive (aka PASV) mode is used, allows remote authenticated users to ... | E | |
| CVE-2008-5667 | The scanning engine in VirusBlokAda VBA32 Personal Antivirus 3.12.8.x allows remote attackers to cau... | E | |
| CVE-2008-5668 | Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote ... | E S | |
| CVE-2008-5669 | index.php in the comments preview section in Textpattern (aka Txp CMS) 4.0.5 allows remote attackers... | E S | |
| CVE-2008-5670 | Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which mak... | | |
| CVE-2008-5671 | PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULA... | S | |
| CVE-2008-5672 | Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote att... | | |
| CVE-2008-5673 | PHParanoid before 0.4 does not properly restrict access to the members area by unauthenticated users... | S | |
| CVE-2008-5674 | Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and earlier an... | E | |
| CVE-2008-5675 | Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack v... | S | |
| CVE-2008-5676 | Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.... | | |
| CVE-2008-5677 | Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is locat... | E | |
| CVE-2008-5678 | Fretwell-Downing Informatics (FDI) OLIB7 WebView 2.5.1.1 allows remote authenticated users to obtain... | E | |
| CVE-2008-5679 | The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via c... | | |
| CVE-2008-5680 | Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary... | | |
| CVE-2008-5681 | Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows r... | | |
| CVE-2008-5682 | Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows remote attackers to inject arbi... | | |
| CVE-2008-5683 | Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via u... | | |
| CVE-2008-5684 | Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 throu... | S | |
| CVE-2008-5685 | Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows... | S | |
| CVE-2008-5686 | IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its LDAP service is shared with ot... | S | |
| CVE-2008-5687 | MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of ... | | |
| CVE-2008-5688 | MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabl... | | |
| CVE-2008-5689 | tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a d... | E S | |
| CVE-2008-5690 | The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 th... | S | |
| CVE-2008-5691 | Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote at... | E | |
| CVE-2008-5692 | Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote att... | | |
| CVE-2008-5693 | Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly other Ipswitch products, might allo... | | |
| CVE-2008-5694 | PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 m... | | |
| CVE-2008-5695 | wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properl... | E | |
| CVE-2008-5696 | Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, ... | | |
| CVE-2008-5697 | The skype_tool.copy_num method in the Skype extension BETA 2.2.0.95 for Firefox allows remote attack... | E | |
| CVE-2008-5698 | HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a... | E | |
| CVE-2008-5699 | The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does n... | S | |
| CVE-2008-5700 | libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which a... | | |
| CVE-2008-5701 | Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit ... | | |
| CVE-2008-5702 | Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel befo... | E | |
| CVE-2008-5703 | gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a syml... | | |
| CVE-2008-5704 | src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite ar... | | |
| CVE-2008-5705 | The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0... | E | |
| CVE-2008-5706 | The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0... | E | |
| CVE-2008-5707 | SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistemi allows remote attackers to e... | E | |
| CVE-2008-5708 | redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to crea... | E | |
| CVE-2008-5709 | Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager ... | | |
| CVE-2008-5710 | Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager ... | | |
| CVE-2008-5711 | Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows... | E | |
| CVE-2008-5712 | The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (applica... | E | |
| CVE-2008-5713 | The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machine... | | |
| CVE-2008-5714 | Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the V... | | |
| CVE-2008-5715 | Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (applica... | E | |
| CVE-2008-5716 | xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xens... | | |
| CVE-2008-5717 | Cross-site scripting (XSS) vulnerability in Hitachi JP1/Integrated Management - Service Support 08-1... | | |
| CVE-2008-5718 | The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for t... | S | |
| CVE-2008-5719 | Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web Workflow SDK Set for Active Server ... | | |
| CVE-2008-5720 | Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject ar... | | |
| CVE-2008-5721 | SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers to bypass authentication and o... | | |
| CVE-2008-5722 | Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service... | E | |
| CVE-2008-5723 | Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and Mi... | | |
| CVE-2008-5724 | The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and... | | |
| CVE-2008-5725 | The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and ... | E | |
| CVE-2008-5726 | SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows remote attackers to execute ar... | E | |
| CVE-2008-5727 | SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, w... | E | |
| CVE-2008-5728 | Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc ... | E | |
| CVE-2008-5729 | Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat 3.12 and earlier allow remote att... | E | |
| CVE-2008-5730 | Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to ha... | E | |
| CVE-2008-5731 | The PGPwded device driver (aka PGPwded.sys) in PGP Corporation PGP Desktop 9.0.6 build 6060 and 9.9.... | E | |
| CVE-2008-5732 | Unrestricted file upload vulnerability in lib/image_upload.php in KafooeyBlog 1.55b allows remote at... | E | |
| CVE-2008-5733 | SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows ... | E | |
| CVE-2008-5734 | Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 ... | | |
| CVE-2008-5735 | Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 allows remote attackers to exe... | E | |
| CVE-2008-5736 | Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 ... | E | |
| CVE-2008-5737 | SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attack... | E | |
| CVE-2008-5738 | Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain admini... | E | |
| CVE-2008-5739 | SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to ... | E | |
| CVE-2008-5742 | Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to red... | E | |
| CVE-2008-5743 | pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which allow... | E | |
| CVE-2008-5744 | Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) 1.4.11 and earlier allows local u... | E | |
| CVE-2008-5745 | Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9... | E | |
| CVE-2008-5746 | Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary f... | | |
| CVE-2008-5747 | F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF... | | |
| CVE-2008-5748 | Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows rem... | E | |
| CVE-2008-5749 | Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attacke... | E | |
| CVE-2008-5750 | Argument injection vulnerability in Microsoft Internet Explorer 8 beta 2 on Windows XP SP3 allows re... | E | |
| CVE-2008-5751 | SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remo... | E | |
| CVE-2008-5752 | Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and e... | E | |
| CVE-2008-5753 | Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers t... | E | |
| CVE-2008-5754 | Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbi... | E | |
| CVE-2008-5755 | Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows remote attackers to execute arbitr... | E | |
| CVE-2008-5756 | Buffer overflow in BreakPoint Software Hex Workshop 5.1.4 allows user-assisted attackers to cause a ... | E | |
| CVE-2008-5757 | Cross-site scripting (XSS) vulnerability in textarea/index.php in Textpattern (aka Txp CMS) 4.0.6 an... | E | |
| CVE-2008-5758 | Cross-site request forgery (CSRF) vulnerability in PHParanoid before 0.5 allows remote attackers to ... | | |
| CVE-2008-5759 | Cross-site scripting (XSS) vulnerability in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allows remote att... | | |
| CVE-2008-5760 | Cross-site scripting (XSS) vulnerability in error413.php in Kerio MailServer before 6.6.2 allows rem... | S | |
| CVE-2008-5761 | Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allow ... | E | |
| CVE-2008-5762 | Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive information under the web root with ... | E | |
| CVE-2008-5763 | PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTe... | E | |
| CVE-2008-5764 | PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals i... | E | |
| CVE-2008-5765 | WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, w... | E | |
| CVE-2008-5766 | SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to exec... | E | |
| CVE-2008-5767 | SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arb... | E | |
| CVE-2008-5768 | SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allow... | E | |
| CVE-2008-5769 | Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer before 6.6.2 allow remote at... | S | |
| CVE-2008-5770 | Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remot... | E | |
| CVE-2008-5771 | Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to includ... | E | |
| CVE-2008-5772 | Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attack... | E | |
| CVE-2008-5773 | Nukedit 4.9.8 stores sensitive information under the web root with insufficient access control, whic... | E | |
| CVE-2008-5774 | Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers... | E | |
| CVE-2008-5775 | SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execut... | E | |
| CVE-2008-5776 | Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 allow remote attackers to include ... | E | |
| CVE-2008-5777 | SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL... | E | |
| CVE-2008-5778 | SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote a... | E | |
| CVE-2008-5779 | SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote att... | E | |
| CVE-2008-5780 | Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, ... | E | |
| CVE-2008-5781 | SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remot... | E | |
| CVE-2008-5782 | SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute ar... | E | |
| CVE-2008-5783 | admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers to bypass authentication and g... | E | |
| CVE-2008-5784 | V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain adm... | E | |
| CVE-2008-5785 | SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to exe... | E | |
| CVE-2008-5786 | Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x ... | S | |
| CVE-2008-5787 | Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers t... | E | |
| CVE-2008-5788 | SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute... | E | |
| CVE-2008-5789 | Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator (com_feederat... | E | |
| CVE-2008-5790 | Multiple PHP remote file inclusion vulnerabilities in the Recly!Competitions (com_competitions) comp... | E | |
| CVE-2008-5791 | Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1.0.... | S | |
| CVE-2008-5792 | PHP remote file inclusion vulnerability in show_joined.php in Indiscripts Enthusiast 3.1.4, and poss... | E | |
| CVE-2008-5793 | Multiple PHP remote file inclusion vulnerabilities in the Clickheat - Heatmap stats (com_clickheat) ... | E | |
| CVE-2008-5794 | Directory traversal vulnerability in system/admin/images.php in LoveCMS 1.6.2 Final allows remote at... | E | |
| CVE-2008-5795 | Cross-site scripting (XSS) vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1... | | |
| CVE-2008-5796 | SQL injection vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earl... | | |
| CVE-2008-5797 | SQL injection vulnerability in the advCalendar extension 0.3.1 and earlier for TYPO3 allows remote a... | | |
| CVE-2008-5798 | SQL injection vulnerability in the CMS Poll system (cms_poll) extension before 0.1.1 for TYPO3 allow... | S | |
| CVE-2008-5799 | Cross-site scripting (XSS) vulnerability in the Wir ber uns (fsmi_people) extension 0.0.24 and earli... | S | |
| CVE-2008-5800 | SQL injection vulnerability in the Wir ber uns [sic] (fsmi_people) extension 0.0.24 and earlier for ... | | |
| CVE-2008-5801 | Unspecified vulnerability in the Dictionary (rtgdictionary) extension 0.1.9 and earlier for TYPO3 al... | S | |
| CVE-2008-5802 | SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 allows remote attackers to exe... | E | |
| CVE-2008-5803 | SQL injection vulnerability in admin/login.php in E-topbiz Online Store 1.0 allows remote attackers ... | E | |
| CVE-2008-5804 | SQL injection vulnerability in admin/admin_catalog.php in e-topbiz Number Links 1 Php Script allows ... | E | |
| CVE-2008-5805 | SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows rem... | E | |
| CVE-2008-5806 | SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remo... | E | |
| CVE-2008-5807 | Multiple cross-site scripting (XSS) vulnerabilities in TestLink before 1.8 RC1 allow remote attacker... | | |
| CVE-2008-5808 | Cross-site scripting (XSS) vulnerability in Six Apart Movable Type Enterprise (MTE) 1.x before 1.56;... | | |
| CVE-2008-5809 | futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and Access Analyzer CGI Professional ... | | |
| CVE-2008-5810 | WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versio... | S | |
| CVE-2008-5811 | SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remo... | E | |
| CVE-2008-5812 | Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.... | S | |
| CVE-2008-5813 | SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2... | S | |
| CVE-2008-5814 | Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is ... | | |
| CVE-2008-5815 | SQL injection vulnerability in Acomment.php in phpAlumni allows remote attackers to execute arbitrar... | E | |
| CVE-2008-5816 | SQL injection vulnerability in repository.php in ILIAS 3.7.4 and earlier allows remote attackers to ... | E | |
| CVE-2008-5817 | Multiple SQL injection vulnerabilities in index.php in Web Scribble Solutions webClassifieds 2005 al... | E | |
| CVE-2008-5818 | Directory traversal vulnerability in index.php in eDreamers eDContainer 2.22, when magic_quotes_gpc ... | E | |
| CVE-2008-5819 | Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc... | E | |
| CVE-2008-5820 | SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 allows remote attackers to exec... | E | |
| CVE-2008-5821 | Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote... | E | |
| CVE-2008-5822 | Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other products, allows remote attackers ... | E | |
| CVE-2008-5823 | An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used with WScript in Windows Script... | | |
| CVE-2008-5824 | Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent ... | | |
| CVE-2008-5825 | The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 fir... | E | |
| CVE-2008-5826 | The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware allows remote attackers to c... | E | |
| CVE-2008-5827 | The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs softw... | | |
| CVE-2008-5828 | Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is ... | | |
| CVE-2008-5838 | SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) ... | E | |
| CVE-2008-5839 | Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto U... | E | |
| CVE-2008-5840 | PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpic... | E | |
| CVE-2008-5841 | Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute ... | E | |
| CVE-2008-5842 | Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and... | S | |
| CVE-2008-5843 | Multiple untrusted search path vulnerabilities in pdfjam allow local users to gain privileges via a ... | | |
| CVE-2008-5844 | PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally d... | E | |
| CVE-2008-5845 | Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) before 4.23 allow... | | |
| CVE-2008-5846 | Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permission for... | | |
| CVE-2008-5847 | Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows co... | E | |
| CVE-2008-5848 | The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remot... | | |
| CVE-2008-5849 | Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows ... | E | |
| CVE-2008-5850 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate was or... | R | |
| CVE-2008-5851 | SQL injection vulnerability in index.php in My PHP Baseball Stats (MyPBS) allows remote attackers to... | E | |
| CVE-2008-5852 | Emefa Guestbook 3.0 stores sensitive information under the web root with insufficient access control... | E | |
| CVE-2008-5853 | Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under... | E | |
| CVE-2008-5854 | Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 a... | E | |
| CVE-2008-5855 | myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient acc... | E | |
| CVE-2008-5856 | Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attacke... | E | |
| CVE-2008-5857 | The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain ad... | S | |
| CVE-2008-5858 | Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote atta... | | |
| CVE-2008-5859 | SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals... | E | |
| CVE-2008-5860 | Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when... | E | |
| CVE-2008-5861 | Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read ar... | E | |
| CVE-2008-5862 | Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attac... | E | |
| CVE-2008-5863 | SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (... | E | |
| CVE-2008-5864 | SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking... | E | |
| CVE-2008-5865 | SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation Syst... | E | |
| CVE-2008-5866 | The Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 has public as its default SNMP read/write... | | |
| CVE-2008-5867 | Directory traversal vulnerability in Yerba SACphp 6.3 allows remote attackers to read arbitrary file... | | |
| CVE-2008-5868 | Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute... | E | |
| CVE-2008-5869 | Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0... | E | |
| CVE-2008-5870 | FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application ... | E | |
| CVE-2008-5871 | Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call pla... | | |
| CVE-2008-5872 | Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP C... | | |
| CVE-2008-5873 | Yerba SACphp 6.3 and earlier allows remote attackers to bypass authentication and gain administrativ... | E | |
| CVE-2008-5874 | Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla!... | E | |
| CVE-2008-5875 | SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation Syst... | E | |
| CVE-2008-5876 | Buffer overflow in Irrlicht before 1.5 allows remote attackers to cause a denial of service (crash) ... | S | |
| CVE-2008-5877 | Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, wh... | E | |
| CVE-2008-5878 | Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earli... | E | |
| CVE-2008-5879 | Cross-site scripting (XSS) vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 ... | E | |
| CVE-2008-5880 | admin/auth.php in Gobbl CMS 1.0 allows remote attackers to bypass authentication and gain administra... | E | |
| CVE-2008-5881 | Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and ... | E | |
| CVE-2008-5882 | SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) befo... | S | |
| CVE-2008-5883 | Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote... | E | |
| CVE-2008-5884 | AyeView 2.20 allows user-assisted attackers to cause a denial of service (application crash) via a G... | E | |
| CVE-2008-5885 | The Net Guys ASPired2Quote stores sensitive information under the web root with insufficient access ... | E | |
| CVE-2008-5886 | TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access... | E | |
| CVE-2008-5887 | phplist before 2.10.8 allows remote attackers to include files via unknown vectors, related to a "lo... | | |
| CVE-2008-5888 | Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL... | E | |
| CVE-2008-5889 | Cross-site scripting (XSS) vulnerability in user.asp in Click&Rank allows remote attackers to inject... | E | |
| CVE-2008-5890 | SQL injection vulnerability in feeds.php in Injader before 2.1.2 allows remote attackers to execute ... | E S | |
| CVE-2008-5891 | Cross-site scripting (XSS) vulnerability in the profile editing functionality in Injader before 2.1.... | E S | |
| CVE-2008-5892 | Multiple SQL injection vulnerabilities in ClickAndEmail allow remote attackers to execute arbitrary ... | E | |
| CVE-2008-5893 | Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ClickAndEmail allows remote attack... | E | |
| CVE-2008-5894 | Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include ... | E | |
| CVE-2008-5895 | SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers ... | E | |
| CVE-2008-5896 | CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access co... | E | |
| CVE-2008-5897 | CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access... | E | |
| CVE-2008-5898 | CodeAvalanche Directory stores sensitive information under the web root with insufficient access con... | E | |
| CVE-2008-5899 | CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access co... | E | |
| CVE-2008-5900 | CodeAvalanche Articles stores sensitive information under the web root with insufficient access cont... | E | |
| CVE-2008-5901 | iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access contr... | E | |
| CVE-2008-5902 | Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earli... | E | |
| CVE-2008-5903 | Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier all... | E | |
| CVE-2008-5904 | The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows rem... | E | |
| CVE-2008-5905 | The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access ... | | |
| CVE-2008-5906 | Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote atta... | | |
| CVE-2008-5907 | The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might... | | |
| CVE-2008-5908 | Unspecified vulnerability in the root/boot archive tool in Sun OpenSolaris has unknown impact and lo... | | |
| CVE-2008-5909 | Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown impact and local attack vectors... | | |
| CVE-2008-5910 | Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown impact and local attack vector... | | |
| CVE-2008-5911 | Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 an... | | |
| CVE-2008-5912 | An unspecified function in the JavaScript implementation in Microsoft Internet Explorer creates and ... | | |
| CVE-2008-5913 | The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and... | | |
| CVE-2008-5914 | An unspecified function in the JavaScript implementation in Apple Safari creates and exposes a "temp... | | |
| CVE-2008-5915 | An unspecified function in the JavaScript implementation in Google Chrome creates and exposes a "tem... | | |
| CVE-2008-5916 | gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5... | | |
| CVE-2008-5917 | Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in... | E | |
| CVE-2008-5918 | Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl function in index.php in Web... | E S | |
| CVE-2008-5919 | Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is dis... | E S | |
| CVE-2008-5920 | The create_anchors function in utils.inc in WebSVN 1.x allows remote attackers to execute arbitrary ... | E | |
| CVE-2008-5921 | SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execut... | E | |
| CVE-2008-5922 | Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Cant Find A Gaming... | E | |
| CVE-2008-5923 | SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary allows remote attackers to exe... | E | |
| CVE-2008-5924 | SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events Diary allows remote attackers to... | | |
| CVE-2008-5925 | ASP-DEv XM Events Diary stores sensitive information under the web root with insufficient access con... | E | |
| CVE-2008-5926 | Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Internal E-Mail System allow remote a... | E | |
| CVE-2008-5927 | Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote atta... | E | |
| CVE-2008-5928 | SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote at... | E | |
| CVE-2008-5929 | VP-ASP Shopping Cart 6.50 stores sensitive information under the web root with insufficient access c... | E | |
| CVE-2008-5930 | SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote at... | E | |
| CVE-2008-5931 | The Net Guys ASPired2Blog stores sensitive information under the web root with insufficient access c... | E | |
| CVE-2008-5932 | CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access con... | E | |
| CVE-2008-5933 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in CMS ISWEB 3.0 allow remote attac... | E | |
| CVE-2008-5934 | SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitra... | E | |
| CVE-2008-5935 | Facto stores sensitive information under the web root with insufficient access control, which allows... | | |
| CVE-2008-5936 | front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers to read files and obtain PHP ... | E | |
| CVE-2008-5937 | AyeView 2.20 allows user-assisted attackers to cause a denial of service (memory consumption or appl... | E | |
| CVE-2008-5938 | PHP remote file inclusion vulnerability in assets/snippets/reflect/snippet.reflect.php in MODx CMS 0... | E | |
| CVE-2008-5939 | Cross-site scripting (XSS) vulnerability in index.php in MODx CMS 0.9.6.2 and earlier allows remote ... | E | |
| CVE-2008-5940 | SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is disab... | S | |
| CVE-2008-5941 | Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attacker... | | |
| CVE-2008-5942 | Multiple cross-site scripting (XSS) vulnerabilities in MODx before 0.9.6.3 allow remote attackers to... | | |
| CVE-2008-5943 | Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) allow remote attackers to includ... | E | |
| CVE-2008-5944 | Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 (2.6.0) allows remote attacke... | E | |
| CVE-2008-5945 | Nukeviet 2.0 Beta allows remote attackers to bypass authentication and gain administrative access by... | E | |
| CVE-2008-5946 | SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute ar... | E | |
| CVE-2008-5947 | PHP remote file inclusion vulnerability in include/class_yapbbcooker.php in YapBB 1.2.Beta 2 allows ... | E | |
| CVE-2008-5948 | Directory traversal vulnerability in index.php in BNCwi 1.04 and earlier allows remote attackers to ... | E | |
| CVE-2008-5949 | Multiple PHP remote file inclusion vulnerabilities in ccTiddly 1.7.4 and 1.7.6 allow remote attacker... | E | |
| CVE-2008-5950 | SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attacker... | E | |
| CVE-2008-5951 | ASP Template Creature stores sensitive information under the web root with insufficient access contr... | E | |
| CVE-2008-5952 | SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is... | E | |
| CVE-2008-5953 | Directory traversal vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_... | E | |
| CVE-2008-5954 | SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is... | | |
| CVE-2008-5955 | SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attac... | E | |
| CVE-2008-5956 | Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information under the web root with insuffici... | E | |
| CVE-2008-5957 | SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allow... | E | |
| CVE-2008-5958 | Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote attackers to execute arbitrar... | E | |
| CVE-2008-5959 | Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to exe... | E | |
| CVE-2008-5960 | SQL injection vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote a... | | |
| CVE-2008-5961 | Cross-site scripting (XSS) vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E al... | | |
| CVE-2008-5962 | Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.... | E | |
| CVE-2008-5963 | Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and... | E | |
| CVE-2008-5964 | Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 allows remote attackers to hija... | | |
| CVE-2008-5965 | Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and earlier, when magic_quotes_gpc i... | E | |
| CVE-2008-5966 | globsy_edit.php in Globsy 1.0 and earlier allows remote attackers to create or overwrite arbitrary f... | E | |
| CVE-2008-5967 | admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentica... | E | |
| CVE-2008-5968 | Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and earlier allows remote attac... | E | |
| CVE-2008-5969 | SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower allows remote attackers to execu... | E | |
| CVE-2008-5970 | SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authen... | E | |
| CVE-2008-5971 | Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone allows ... | E | |
| CVE-2008-5972 | SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to... | E | |
| CVE-2008-5973 | SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute ... | E | |
| CVE-2008-5974 | Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote att... | E | |
| CVE-2008-5975 | SQL injection vulnerability in links.asp in Active Price Comparison 4.0 allows remote attackers to e... | E | |
| CVE-2008-5976 | Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO al... | E | |
| CVE-2008-5977 | SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to... | E | |
| CVE-2008-5978 | Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers t... | E | |
| CVE-2008-5979 | Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows ... | E | |
| CVE-2008-5980 | Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access ... | E | |
| CVE-2008-5981 | PacPoll 4.0 stores sensitive information under the web root with insufficient access control, which ... | E | |
| CVE-2008-5982 | Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arb... | | |
| CVE-2008-5983 | Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and... | | |
| CVE-2008-5984 | Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions,... | | |
| CVE-2008-5985 | Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other v... | | |
| CVE-2008-5986 | Untrusted search path vulnerability in the (1) "VST plugin with Python scripting" and (2) "VST plugi... | | |
| CVE-2008-5987 | Untrusted search path vulnerability in the Python interface in Eye of GNOME (eog) 2.22.3, and possib... | | |
| CVE-2008-5988 | SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS for Government allows remote ... | E | |
| CVE-2008-5989 | Directory traversal vulnerability in defs.php in PHPcounter 1.3.2 and earlier, when magic_quotes_gpc... | E | |
| CVE-2008-5990 | Directory traversal vulnerability in connect/init.inc in emergecolab 1.0 allows remote attackers to ... | E | |
| CVE-2008-5991 | Directory traversal vulnerability in docs.php in MailWatch for MailScanner 1.0.4 and earlier allows ... | E | |
| CVE-2008-5992 | Multiple SQL injection vulnerabilities in Jetik Emlak Sistem A (ESA) 2.0 allow remote attackers to e... | E | |
| CVE-2008-5993 | Directory traversal vulnerability in image.php in Barcode Generator 1D (barcodegen) 2.0.0 and earlie... | E | |
| CVE-2008-5994 | Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows... | | |
| CVE-2008-5995 | Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_freecap) extension before 1.0.4 ... | S | |
| CVE-2008-5996 | Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x before 5.x-1.5 and 6.x before ... | S | |
| CVE-2008-5997 | Absolute path traversal vulnerability in admin/fileKontrola/browser.asp in Omnicom Content Platform ... | E | |
| CVE-2008-5998 | Multiple SQL injection vulnerabilities in the ajax_checklist_save function in the Ajax Checklist mod... | E S | |
| CVE-2008-5999 | Cross-site scripting (XSS) vulnerability in the Ajax Checklist module 5.x before 5.x-1.1 for Drupal ... | S |