CVE-2008-6xxx

There are 1000 CVE in this subgroup.
Last updated: 
← Back to 2008
ID Summary Flags Max Score
CVE-2008-6000 The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populat...
E
CVE-2008-6001 index.php in ADN Forum 1.0b and earlier allows remote attackers to bypass authentication and gain sy...
E
CVE-2008-6002 Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when register_globals is enab...
E
CVE-2008-6003 SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote att...
E
CVE-2008-6004 Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote at...
E
CVE-2008-6005 Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possi...
E
CVE-2008-6006 Multiple PHP remote file inclusion vulnerabilities in Micronation Banking System (minba) 1.5.0 allow...
E
CVE-2008-6007 SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allow...
E
CVE-2008-6008 hyBook Guestbook Script stores sensitive information under the web root with insufficient access con...
CVE-2008-6009 SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative a...
E
CVE-2008-6010 Multiple directory traversal vulnerabilities in SG Real Estate Portal 2.0 allow remote attackers to ...
E
CVE-2008-6011 SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to exe...
E
CVE-2008-6012 Directory traversal vulnerability in index.php in Pritlog 0.4 and earlier, when magic_quotes_gpc is ...
E S
CVE-2008-6013 Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 allow remote attackers to execute...
CVE-2008-6014 SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS 0.9 allows remote attackers t...
E
CVE-2008-6015 Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 allow remote attackers to execute ...
CVE-2008-6016 SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitra...
CVE-2008-6017 SQL injection vulnerability in messages.php in I-Rater Basic allows remote attackers to execute arbi...
E
CVE-2008-6018 Directory traversal vulnerability in index.php in MyPHPSite, when magic_quotes_gpc is disabled, allo...
E
CVE-2008-6019 SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows remote attackers to execute arb...
E
CVE-2008-6020 SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attacker...
S
CVE-2008-6021 Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server b...
S
CVE-2008-6022 PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in an older version of Xnov...
E
CVE-2008-6023 PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova...
E
CVE-2008-6024 Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris...
S
CVE-2008-6025 Directory traversal vulnerability in scr/form.php in openElec 3.01 and earlier allows remote attacke...
E
CVE-2008-6026 SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitra...
E
CVE-2008-6027 Multiple cross-site scripting (XSS) vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier all...
E
CVE-2008-6028 SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allo...
E
CVE-2008-6029 SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is d...
E
CVE-2008-6030 Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to exec...
E
CVE-2008-6031 SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execut...
E
CVE-2008-6032 SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to exe...
E
CVE-2008-6033 SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arb...
E
CVE-2008-6034 Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to...
CVE-2008-6035 Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attac...
E
CVE-2008-6036 PHP remote file inclusion vulnerability in main.inc.php in BaseBuilder 2.0.1 and earlier allows remo...
E
CVE-2008-6037 SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to exe...
E
CVE-2008-6038 SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary ...
E
CVE-2008-6039 Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web...
E
CVE-2008-6040 SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers ...
E S
CVE-2008-6041 Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attac...
CVE-2008-6042 SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows rem...
E
CVE-2008-6043 Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow remote attackers to execute a...
E
CVE-2008-6044 Cross-site scripting (XSS) vulnerability in advanced_search_result.php in xt:Commerce 3.0.4 and earl...
E
CVE-2008-6045 Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote a...
E
CVE-2008-6046 SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitra...
CVE-2008-6047 Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to in...
CVE-2008-6048 Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS before 2.2.0 allow remote att...
CVE-2008-6049 Rejected reason: SQL injection vulnerability in index.php in TinyMCE 2.0.1 allows remote attackers t...
R
CVE-2008-6050 SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows...
E
CVE-2008-6051 MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows ...
CVE-2008-6052 PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient acces...
E
CVE-2008-6053 PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access...
E
CVE-2008-6054 PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under the web root with insufficient...
E
CVE-2008-6055 PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access co...
E
CVE-2008-6056 Multiple cross-site scripting (XSS) vulnerabilities in World Recipe 2.11 allow remote attackers to i...
CVE-2008-6057 Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient ...
E
CVE-2008-6058 Syslserve 1.058 and earlier, and probably 1.059, allows remote attackers to cause a denial of servic...
CVE-2008-6059 xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web...
CVE-2008-6060 Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files cr...
CVE-2008-6061 Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) controll...
E
CVE-2008-6062 Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files cr...
S
CVE-2008-6063 Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Su...
CVE-2008-6064 Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote attackers to execute arbitrary SQ...
E
CVE-2008-6065 Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathname...
CVE-2008-6066 Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 allow remote attackers to execute...
E
CVE-2008-6067 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5838. Reason: This candida...
R
CVE-2008-6068 SQL injection vulnerability in the JoomlaDate (com_joomladate) component 1.2 for Joomla! allows remo...
E
CVE-2008-6069 SQL injection vulnerability in e107chat.php in the eChat plugin 4.2 for e107, when magic_quotes_gpc ...
CVE-2008-6070 Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagi...
CVE-2008-6071 Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1...
CVE-2008-6072 Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow ...
S
CVE-2008-6073 StorageCrypt 2.0.1 does not properly encrypt disks, which allows local users to obtain sensitive inf...
CVE-2008-6074 Directory traversal vulnerability in frame.php in phpcrs 2.06 and earlier, when magic_quotes_gpc is ...
E
CVE-2008-6075 SQL injection vulnerability in aspkat.asp in Bahar Download Script 2.0 allows remote attackers to ex...
E
CVE-2008-6076 SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allo...
E
CVE-2008-6077 SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authen...
E
CVE-2008-6078 SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo C...
E
CVE-2008-6079 imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (...
CVE-2008-6080 Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for...
E
CVE-2008-6081 SQL injection vulnerability in contact.php in Simple Customer 1.2 allows remote attackers to execute...
E
CVE-2008-6082 Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumptio...
E
CVE-2008-6083 Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote attackers to inclu...
E
CVE-2008-6084 Unrestricted file upload vulnerability in pages/download.php in Iamma Simple Gallery 1.0 and 2.0 all...
E
CVE-2008-6085 Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through ...
S
CVE-2008-6086 SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute a...
E
CVE-2008-6087 Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers...
E
CVE-2008-6088 SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remo...
E
CVE-2008-6089 Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attac...
E
CVE-2008-6090 Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attac...
E
CVE-2008-6091 SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_quotes_gpc is disabled, allows...
E
CVE-2008-6092 phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative a...
E
CVE-2008-6093 SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allow...
E
CVE-2008-6094 Cross-site scripting (XSS) vulnerability in user.do in Celoxis Technologies Celoxis allows remote at...
E
CVE-2008-6095 Cross-site scripting (XSS) vulnerability in surveillanceView.htm in OpenNMS 1.5.94 allows remote att...
E
CVE-2008-6096 Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1...
CVE-2008-6097 Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before 1.7.1 allow remote attackers ...
E
CVE-2008-6098 Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other ver...
CVE-2008-6099 PHP remote file inclusion vulnerability in index.php in RPortal 1.1 and earlier allows remote attack...
E
CVE-2008-6100 Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magic_quotes_gpc is disable...
E
CVE-2008-6101 SQL injection vulnerability in click.php in Adult Banner Exchange Website allows remote attackers to...
E
CVE-2008-6102 SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute...
E
CVE-2008-6103 PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when magic_quotes_gpc...
E
CVE-2008-6104 SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrar...
E
CVE-2008-6105 Cross-site scripting (XSS) vulnerability in IBM Workplace for Business Controls and Reporting 2.x an...
CVE-2008-6106 Cross-site request forgery (CSRF) vulnerability in IBM Workplace for Business Controls and Reporting...
CVE-2008-6107 The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check functio...
CVE-2008-6108 Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remot...
E
CVE-2008-6109 Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not properly enforce the privileg...
CVE-2008-6110 Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors relat...
CVE-2008-6111 SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to e...
E
CVE-2008-6112 Multiple directory traversal vulnerabilities in Ez Ringtone Manager allow remote attackers to read a...
E
CVE-2008-6113 Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.90 allows remote attackers to i...
S
CVE-2008-6114 SQL injection vulnerability in product_details.php in the Mytipper Zogo-shop 1.15.4 plugin for e107 ...
E
CVE-2008-6115 SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to ex...
E
CVE-2008-6116 SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! al...
E
CVE-2008-6117 SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute ar...
E
CVE-2008-6118 win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain a...
E
CVE-2008-6119 Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7...
CVE-2008-6120 SQL injection vulnerability in profile_comments.php in SocialEngine (SE) 2.7 and earlier allows remo...
CVE-2008-6121 CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier allows remote attackers to inject ...
CVE-2008-6122 The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of servic...
E
CVE-2008-6123 The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when u...
E S
CVE-2008-6124 SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the Hot...
E S
CVE-2008-6125 Unspecified vulnerability in the user editing interface in Moodle 1.5.x, 1.6 before 1.6.6, and 1.7 b...
S
CVE-2008-6126 Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers ...
S
CVE-2008-6127 Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS 1.10.2 and earlier allow remote att...
S
CVE-2008-6128 Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web...
CVE-2008-6129 Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attacke...
S
CVE-2008-6130 Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote ...
CVE-2008-6131 Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web...
CVE-2008-6132 Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_g...
E
CVE-2008-6133 SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to exe...
E
CVE-2008-6134 SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers t...
CVE-2008-6135 Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remot...
CVE-2008-6136 Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to ...
CVE-2008-6137 EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions vi...
CVE-2008-6138 PHP remote file inclusion vulnerability in adminhead.php in WebBiscuits Modules Controller 1.1 and e...
E
CVE-2008-6139 Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1...
E
CVE-2008-6140 Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Avaya one-X Des...
CVE-2008-6141 Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 allows remote attackers to cause...
CVE-2008-6142 Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0...
E
CVE-2008-6143 OwenPoll 1.0 allows remote attackers to bypass authentication and obtain administrative access via a...
E
CVE-2008-6144 Multiple cross-site scripting (XSS) vulnerabilities in the WEC Discussion Forum (wec_discussion) ext...
S
CVE-2008-6145 Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 ...
S
CVE-2008-6146 SQL injection vulnerability in pm.php in DeluxeBB 1.2 and earlier, when magic_quotes_gpc is disabled...
E
CVE-2008-6147 ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which...
E
CVE-2008-6148 SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote...
E
CVE-2008-6149 SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attac...
E
CVE-2008-6150 SQL injection vulnerability in classdis.asp in SepCity Classified Ads allows remote attackers to exe...
E
CVE-2008-6151 SQL injection vulnerability in shpdetails.asp in SepCity Shopping Mall allows remote attackers to ex...
E
CVE-2008-6152 SQL injection vulnerability in deptdisplay.asp in SepCity Faculty Portal allows remote attackers to ...
E
CVE-2008-6153 SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attac...
E
CVE-2008-6154 SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to exe...
E
CVE-2008-6155 SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to exe...
CVE-2008-6156 SQL injection vulnerability in editCampaign.php in AdMan 1.1.20070907 allows remote authenticated us...
E
CVE-2008-6157 SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which allows ...
E
CVE-2008-6158 Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0...
CVE-2008-6159 Content Management Made Easy (CMME) 1.19 allows remote attackers to obtain system information via a ...
E
CVE-2008-6160 Semantically-Interconnected Online Communities (SIOC) 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a m...
S
CVE-2008-6161 Cross-site scripting (XSS) vulnerability in WOW Raid Manager (WRM) before 3.5.1 allows remote attack...
S
CVE-2008-6162 Bux.to Clone script allows remote attackers to bypass authentication and gain administrative access ...
E
CVE-2008-6163 SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 allows remote attackers to execute...
E S
CVE-2008-6164 Cross-site scripting (XSS) vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote att...
E
CVE-2008-6165 SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allo...
E
CVE-2008-6166 SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attacke...
E
CVE-2008-6167 Directory traversal vulnerability in search.php in miniPortail 2.2 and earlier allows remote attacke...
E
CVE-2008-6168 Cross-site scripting (XSS) vulnerability in search.php in miniPortail 2.2 and earlier allows remote ...
E
CVE-2008-6169 Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x before 5.x-1.1 and 6....
S
CVE-2008-6170 Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote ...
S
CVE-2008-6171 includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured f...
S
CVE-2008-6172 Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 c...
E
CVE-2008-6173 Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attack...
E
CVE-2008-6174 Cross-site scripting (XSS) vulnerability in admin/postlister/index.php in Jetbox CMS 2.1 allows remo...
E
CVE-2008-6175 SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of service (application crash) via a...
E
CVE-2008-6176 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-6171. Reason: This candida...
R
CVE-2008-6177 Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, al...
E
CVE-2008-6178 Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connecto...
E
CVE-2008-6179 SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows remote attackers to execute arb...
E
CVE-2008-6180 SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and earlier, and pos...
E
CVE-2008-6181 SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 fo...
E
CVE-2008-6182 SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 ...
E
CVE-2008-6183 Multiple directory traversal vulnerabilities in index.php in My PHP Indexer 1.0 allow remote attacke...
E
CVE-2008-6184 SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remo...
E
CVE-2008-6185 NoticeWare Email Server NG 5.1.2.2 allows remote attackers to cause a denial of service (crash) via ...
E
CVE-2008-6186 Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote authenticated users to cause ...
E
CVE-2008-6187 SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and earlier allows remote attacker...
E
CVE-2008-6188 SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote at...
E
CVE-2008-6189 SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL comman...
E
CVE-2008-6190 Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 allows remote attackers to inje...
E
CVE-2008-6191 Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a hardcoded password, which might...
CVE-2008-6192 Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Porta...
S
CVE-2008-6193 Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent at...
E
CVE-2008-6194 Memory leak in the DNS server in Microsoft Windows allows remote attackers to cause a denial of serv...
CVE-2008-6195 Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.exe) in LANDesk Management Suite...
S
CVE-2008-6196 Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT EasySite 2.0 allow remote att...
E
CVE-2008-6197 SQL injection vulnerability in index.php in the galerie module for KwsPHP 1.3.456 allows remote atta...
E
CVE-2008-6198 SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin for MyBulletinBoard (MyBB) allow...
E
CVE-2008-6199 2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to trigger a backup and obtain sensi...
E
CVE-2008-6200 Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow remote attackers to inject ar...
E
CVE-2008-6201 Directory traversal vulnerability in help.php in the eskuel module in KwsPHP 1.3.456, as available b...
E
CVE-2008-6202 SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to execute arbitrary SQL commands ...
E
CVE-2008-6203 SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute arbitra...
E
CVE-2008-6204 Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and earlier allow remote attackers to ex...
E
CVE-2008-6205 Cross-site scripting (XSS) vulnerability in seeurl.php in Xavier Flahaut URLStreet 1.0 allows remote...
E
CVE-2008-6206 Multiple PHP remote file inclusion vulnerabilities in RobotStats 0.1 allow remote attackers to execu...
E
CVE-2008-6207 Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote authentic...
CVE-2008-6208 Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote attacker...
CVE-2008-6209 SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote attacke...
E
CVE-2008-6210 SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 allows remote attackers to exec...
E
CVE-2008-6211 Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote atta...
E
CVE-2008-6212 Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats 0.1.9.1 allows remote attackers t...
E
CVE-2008-6213 SQL injection vulnerability in mypage.php in Harlandscripts Pro Traffic One allows remote attackers ...
E
CVE-2008-6214 SQL injection vulnerability in poll_results.php in Harlandscripts Pro Traffic One allows remote atta...
E
CVE-2008-6215 Cross-site scripting (XSS) vulnerability in cadena_ofertas_ext.php in Venalsur Booking Centre Bookin...
E
CVE-2008-6216 SQL injection vulnerability in cadena_ofertas_ext.php in Venalsur Booking Centre Booking System for ...
E
CVE-2008-6217 Cross-site scripting (XSS) vulnerability in index.php in Extrakt Framework 0.7 allows remote attacke...
E
CVE-2008-6218 Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 bet...
S
CVE-2008-6219 nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Cl...
CVE-2008-6220 SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4...
E
CVE-2008-6221 PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamai...
E
CVE-2008-6222 Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1....
E
CVE-2008-6223 PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earli...
E
CVE-2008-6224 Directory traversal vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier all...
E
CVE-2008-6225 SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attac...
E
CVE-2008-6226 SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto Listings Script, when magic_quo...
E
CVE-2008-6227 SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote att...
E
CVE-2008-6228 Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administra...
E
CVE-2008-6229 Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content Construct...
S
CVE-2008-6230 SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers t...
E
CVE-2008-6231 Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative ...
E
CVE-2008-6232 Pre Shopping Mall allows remote attackers to bypass authentication and gain administrative access by...
E
CVE-2008-6233 SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attacker...
E
CVE-2008-6234 SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to...
E
CVE-2008-6235 The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary ...
E S
CVE-2008-6236 SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4...
E
CVE-2008-6237 SQL injection vulnerability in software-description.php in Scripts For Sites (SFS) Hotscripts-like S...
E
CVE-2008-6238 Cross-site scripting (XSS) vulnerability in archive/savedqueries/savequeryfinish.html in OpenEdit Di...
CVE-2008-6239 Cross-site request forgery (CSRF) vulnerability in OpenEdit Digital Asset Management (DAM) before 5....
CVE-2008-6240 Cross-site scripting (XSS) vulnerability in data/views/index.html in OpenEdit Digital Asset Manageme...
CVE-2008-6241 Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when m...
E
CVE-2008-6242 SQL injection vulnerability in SearchResults.php in Scripts For Sites (SFS) EZ e-store allows remote...
E
CVE-2008-6243 SQL injection vulnerability in showcategory.php in Scripts For Sites (SFS) Hotscripts-like Site allo...
E
CVE-2008-6244 SQL injection vulnerability in view_reviews.php in Scripts for Sites (SFS) EZ Gaming Cheats allows r...
E
CVE-2008-6245 SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ BIZ PRO allows remote attacke...
E
CVE-2008-6246 SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote atta...
E
CVE-2008-6247 SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) EZ Top Sites allows remote att...
E
CVE-2008-6248 Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows r...
E
CVE-2008-6249 SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allow...
E
CVE-2008-6250 SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execu...
E
CVE-2008-6251 PHP remote file inclusion vulnerability in includes/init.php in phpFan 3.3.4 allows remote attackers...
E S
CVE-2008-6252 Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 allows local users to execute ...
E S
CVE-2008-6253 Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globa...
E
CVE-2008-6254 SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to exe...
E
CVE-2008-6255 Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators ...
CVE-2008-6256 SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authen...
E
CVE-2008-6257 SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to exe...
E
CVE-2008-6258 SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote...
E
CVE-2008-6259 Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier,...
E
CVE-2008-6260 SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to...
E
CVE-2008-6261 SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute a...
E
CVE-2008-6262 SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allows remote attackers to execute ...
CVE-2008-6263 SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute a...
E
CVE-2008-6264 SQL injection vulnerability in admin/admin.php in E-topbiz Slide Popups 1.0 allows remote attackers ...
E
CVE-2008-6265 Directory traversal vulnerability in portfolio/css.php in Cyberfolio 7.12.2 and earlier allows remot...
E
CVE-2008-6266 SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote at...
E
CVE-2008-6267 Cross-site scripting (XSS) vulnerability in detail.php in Multi Languages WebShop Online 1.02 allows...
E
CVE-2008-6268 SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows r...
E
CVE-2008-6269 Joovili 3.1.4 allows remote attackers to bypass authentication and gain privileges as other users, i...
E
CVE-2008-6270 SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remot...
E
CVE-2008-6271 Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, ...
E
CVE-2008-6272 SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remot...
E
CVE-2008-6273 Directory traversal vulnerability in configuration_script.php in MyKtools 3.0 allows remote authenti...
CVE-2008-6274 Multiple SQL injection vulnerabilities in index.php in FamilyProject 2.0 allow remote attackers to e...
E
CVE-2008-6275 Cross-site scripting (XSS) vulnerability in the User Karma module 5.x before 5.x-1.13 and 6.x before...
S
CVE-2008-6276 Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x before 6...
S
CVE-2008-6277 SQL injection vulnerability in product.php in RakhiSoftware Price Comparison Script (aka Shopping Ca...
E
CVE-2008-6278 Multiple cross-site scripting (XSS) vulnerabilities in product.php in RakhiSoftware Price Comparison...
E
CVE-2008-6279 RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitiv...
E
CVE-2008-6280 Cross-site scripting (XSS) vulnerability in apply.cgi on the Linksys WRT160N allows remote attackers...
E
CVE-2008-6281 SQL injection vulnerability in index.php in Bluo CMS 1.2 allows remote attackers to execute arbitrar...
E
CVE-2008-6282 SQL injection vulnerability in engine/users/users_edit_pub.inc in CMS Ortus 1.13 and earlier allows ...
E S
CVE-2008-6283 Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote attackers to inject arbitrary ...
S
CVE-2008-6284 SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remote attackers to execute arbitra...
E
CVE-2008-6285 SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earlier allows remote attackers to...
E
CVE-2008-6286 Multiple SQL injection vulnerabilities in SubscriberStart.asp in Active Newsletter 4.3 allow remote ...
E
CVE-2008-6287 Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers t...
E
CVE-2008-6288 Directory traversal vulnerability in download.php in Interface Medien ibase 2.03 and earlier allows ...
E
CVE-2008-6289 SQL injection vulnerability in cityview.php in Tours Manager 1.0 allows remote attackers to execute ...
E
CVE-2008-6290 Directory traversal vulnerability in includefile.php in nicLOR Sito, when register_globals is enable...
E
CVE-2008-6291 Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by...
E
CVE-2008-6292 Acc Autos 4.0 allows remote attackers to bypass authentication and gain administrative access by set...
E
CVE-2008-6293 admin/Index.php in Acc Real Estate 4.0 allows remote attackers to bypass authentication and gain adm...
E
CVE-2008-6294 admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain admi...
E
CVE-2008-6295 Multiple cross-site scripting (XSS) vulnerabilities in Camera Life 2.6.2b8 allow remote attackers to...
CVE-2008-6296 admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative...
E
CVE-2008-6297 Cross-site scripting (XSS) vulnerability in order.php in DHCart allows remote attackers to inject ar...
E
CVE-2008-6298 Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intende...
S
CVE-2008-6299 Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authen...
S
CVE-2008-6300 Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative ac...
E
CVE-2008-6301 SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows r...
E
CVE-2008-6302 TurnkeyForms Local Classifieds allows remote attackers to bypass authentication and gain administrat...
E
CVE-2008-6303 SQL injection vulnerability in tourview.php in ToursManager allows remote attackers to execute arbit...
E
CVE-2008-6304 SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled and ...
S
CVE-2008-6305 PHP remote file inclusion vulnerability in init.php in Free Directory Script 1.1.1, when register_gl...
E
CVE-2008-6306 Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz Classifieds Script allows remo...
E
CVE-2008-6307 E-topbiz Link Back Checker 1 allows remote attackers to bypass authentication and gain administrativ...
E
CVE-2008-6308 Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and earlier for...
E
CVE-2008-6309 SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbi...
E
CVE-2008-6310 SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute...
E
CVE-2008-6311 SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to exec...
E
CVE-2008-6312 SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary...
E
CVE-2008-6313 Directory traversal vulnerability in addedit-render.php in phpAddEdit 1.3, when magic_quotes_gpc is ...
E
CVE-2008-6314 SQL injection vulnerability in tag_board.php in the Tag Board module 4.0 and earlier for phpBB allow...
E
CVE-2008-6315 PHP remote file inclusion vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 ...
E
CVE-2008-6316 Directory traversal vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows...
E
CVE-2008-6317 Directory traversal vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta al...
E
CVE-2008-6318 PHP remote file inclusion vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 b...
E
CVE-2008-6319 SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute a...
E
CVE-2008-6320 SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arb...
E
CVE-2008-6321 CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which...
E
CVE-2008-6322 SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arb...
E
CVE-2008-6323 SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to ...
E
CVE-2008-6324 SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbi...
E
CVE-2008-6325 Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote attac...
E
CVE-2008-6326 SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows remote ...
CVE-2008-6327 SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary...
E
CVE-2008-6328 SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attacke...
E
CVE-2008-6329 SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to ex...
E
CVE-2008-6330 SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier allows remote authenticated us...
E
CVE-2008-6331 Multiple cross-site request forgery (CSRF) vulnerabilities in Streber before 0.08093 allow remote at...
S
CVE-2008-6332 SQL injection vulnerability in login.php in Simple Customer 1.2 allows remote attackers to execute a...
E
CVE-2008-6333 SQL injection vulnerability in news.php in RSS Simple News (RSSSN), when magic_quotes_gpc is disable...
E
CVE-2008-6334 Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote attackers...
E
CVE-2008-6335 Directory traversal vulnerability in download.php in eMetrix Online Keyword Research Tool allows rem...
E
CVE-2008-6336 Directory traversal vulnerability in download.php in Text Lines Rearrange Script 1.0, when register_...
E
CVE-2008-6337 SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla...
E
CVE-2008-6338 SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3...
S
CVE-2008-6339 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6339. Reason: This candida...
R
CVE-2008-6340 Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_populi) extension 0.3.0 and earli...
S
CVE-2008-6341 Cross-site scripting (XSS) vulnerability in the SB Universal Plugin (SBuniplug) extension 2.0.1 and ...
CVE-2008-6342 Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and e...
S
CVE-2008-6343 Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc_odin) extension 0.0.1, 0.1.0,...
S
CVE-2008-6344 SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) 0.3.0 and earlier extension for TY...
S
CVE-2008-6345 SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execu...
E
CVE-2008-6346 Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TY...
S
CVE-2008-6347 PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet (com_onguma...
E
CVE-2008-6348 Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote attackers to ...
E
CVE-2008-6349 SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allow...
E
CVE-2008-6350 SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attacker...
E
CVE-2008-6351 Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyForms Local Classifieds allows re...
E
CVE-2008-6352 SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitr...
E
CVE-2008-6353 SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote attackers to execute arbitrary...
E
CVE-2008-6354 The Net Guys ASPired2poll stores sensitive information under the web root with insufficient access c...
E
CVE-2008-6355 The Net Guys ASPired2Protect stores sensitive information under the web root with insufficient acces...
E
CVE-2008-6356 evCal Events Calendar stores sensitive information under the web root with insufficient access contr...
E
CVE-2008-6357 MyCal Personal Events Calendar stores sensitive information under the web root with insufficient acc...
E
CVE-2008-6358 SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute ...
E
CVE-2008-6359 Cross-site scripting (XSS) vulnerability in index.php in Max's Guestbook allows remote attackers to ...
E
CVE-2008-6360 Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in Imp...
CVE-2008-6361 Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 19Beta allows remote attacker...
E
CVE-2008-6362 SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote attacker...
E
CVE-2008-6363 Stack-based buffer overflow in DesignWorks Professional 4.3.1 and 5.0.7 allows remote attackers to e...
E
CVE-2008-6364 SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Jav...
E
CVE-2008-6365 SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows r...
E
CVE-2008-6366 SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows r...
E
CVE-2008-6367 Unrestricted file upload vulnerability in Photos/create_album.php in Social Groupie allows remote au...
E
CVE-2008-6368 SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execu...
E
CVE-2008-6369 SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attacke...
E
CVE-2008-6370 Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows r...
E
CVE-2008-6371 SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers t...
E
CVE-2008-6372 SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to...
E
CVE-2008-6373 Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors re...
S
CVE-2008-6374 CodefixerSoftware MailingListPro Free Edition stores sensitive information under the web root with i...
E
CVE-2008-6375 JBook stores sensitive information under the web root with insufficient access control, which allows...
E
CVE-2008-6376 SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL co...
E
CVE-2008-6377 PHP remote file inclusion vulnerability in include/global.php in Multi SEO phpBB 1.1.0 allows remote...
E
CVE-2008-6378 SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows rem...
E
CVE-2008-6379 SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute a...
E
CVE-2008-6380 SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to ex...
E
CVE-2008-6381 SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, a...
E
CVE-2008-6382 ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, w...
E
CVE-2008-6383 SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1....
S
CVE-2008-6384 Multiple cross-site request forgery (CSRF) vulnerabilities in Comment Mail 5.x before 5.x-1.1, a mod...
S
CVE-2008-6385 Cross-site scripting (XSS) vulnerability in index.php in W3matter RevSense 1.0 allows remote attacke...
E
CVE-2008-6386 Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to...
E
CVE-2008-6387 Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access co...
E
CVE-2008-6388 Rapid Classified 3.1 and 3.15 stores sensitive information under the web root with insufficient acce...
E
CVE-2008-6389 SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, St...
E
CVE-2008-6390 SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers t...
E
CVE-2008-6391 SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL co...
CVE-2008-6392 SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrar...
E
CVE-2008-6393 PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and pos...
E S
CVE-2008-6394 SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to...
E
CVE-2008-6395 The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote...
CVE-2008-6396 Cross-site scripting (XSS) vulnerability in account.php in Celerondude Uploader 6.1 allows remote at...
E
CVE-2008-6397 rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink atta...
CVE-2008-6398 sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the...
E
CVE-2008-6399 Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional...
CVE-2008-6400 Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allows remote attackers to inject a...
S
CVE-2008-6401 SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary S...
E
CVE-2008-6402 PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart.php in Sofi WebGui 0.6.3 PRE ...
E
CVE-2008-6403 PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8...
E
CVE-2008-6404 Cross-site scripting (XSS) vulnerability in add_calendars.php in eXtrovert Software Thyme 1.3 allows...
E
CVE-2008-6405 SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execu...
E
CVE-2008-6406 Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote att...
E
CVE-2008-6407 Directory traversal vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote attackers...
E
CVE-2008-6408 PHP remote file inclusion vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote att...
E
CVE-2008-6409 SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to ex...
E
CVE-2008-6410 Directory traversal vulnerability in show.php in ol'bookmarks manager 0.7.5 and earlier allows remot...
E
CVE-2008-6411 Explay CMS 2.1 and earlier allows remote attackers to bypass authentication and gain administrative ...
E
CVE-2008-6412 Unspecified vulnerability in Vignette Content Management 7.3.0.5, 7.3.1, 7.3.1.1, 7.4, and 7.5 allow...
S
CVE-2008-6413 Cross-site scripting (XSS) vulnerability in the Answers module 5.x-1.x-dev and possibly other 5.x ve...
CVE-2008-6414 SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers ...
E
CVE-2008-6415 Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via...
CVE-2008-6416 Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL-Console before 0.3.5 allow remote at...
S
CVE-2008-6417 Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows attackers to obtain the "installat...
CVE-2008-6418 SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers...
E S
CVE-2008-6419 Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to ...
E
CVE-2008-6420 Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file paramet...
E
CVE-2008-6421 PHP remote file inclusion vulnerability in social_game_play.php in Social Site Generator (SSG) 2.0 a...
E
CVE-2008-6422 Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers t...
E
CVE-2008-6423 Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote a...
E
CVE-2008-6424 Directory traversal vulnerability in FFFTP 1.96b allows remote FTP servers to create or overwrite ar...
E
CVE-2008-6425 SQL injection vulnerability in news.php in ComicShout 2.8 allows remote attackers to execute arbitra...
E
CVE-2008-6426 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6426. Reason: This candida...
R
CVE-2008-6427 SQL injection vulnerability in index.php in Hivemaker Professional 1.0.2 and earlier, when magic_quo...
E
CVE-2008-6428 The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct...
CVE-2008-6429 SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for J...
E
CVE-2008-6430 SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows rem...
E
CVE-2008-6431 Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 allow remote attackers to inject ...
E
CVE-2008-6432 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6432. Reason: This candida...
R
CVE-2008-6433 Cross-site scripting (XSS) vulnerability in index.cfm in Blue River Interactive Group Sava CMS befor...
CVE-2008-6434 SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 all...
CVE-2008-6435 Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 RC2 allow remote attackers to ...
E
CVE-2008-6436 Cross-site scripting (XSS) vulnerability in the Web Server in Xerox WorkCentre 7132, 7228, 7235, and...
S
CVE-2008-6437 Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum 1.0 RC2 and earlier allow remote...
E
CVE-2008-6438 SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2....
E
CVE-2008-6439 Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows rem...
E
CVE-2008-6440 Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via...
CVE-2008-6441 Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games, allow...
E
CVE-2008-6442 Insecure method vulnerability in Sina Inc. DLoader Class ActiveX Control allows remote attackers to ...
E
CVE-2008-6443 SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary...
E
CVE-2008-6444 Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute...
CVE-2008-6445 Unspecified vulnerability in YourPlace before 1.0.1 has unknown impact and attack vectors, possibly ...
S
CVE-2008-6446 Static code injection vulnerability in the Guestbook component in CMS MAXSITE allows remote attacker...
E
CVE-2008-6447 Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows...
E
CVE-2008-6448 Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows...
CVE-2008-6449 Cross-site request forgery (CSRF) vulnerability in multiple Century Systems routers including XR-410...
CVE-2008-6450 Cross-site scripting (XSS) vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and earlier...
CVE-2008-6451 SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary S...
E
CVE-2008-6452 SQL injection vulnerability in show_vote.php in Oceandir 2.9 and earlier allows remote attackers to ...
E
CVE-2008-6453 Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled...
E
CVE-2008-6454 SQL injection vulnerability in section.php in 6rbScript 3.3 allows remote attackers to execute arbit...
E
CVE-2008-6455 Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote attackers to hijack web session...
CVE-2008-6456 SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remot...
CVE-2008-6457 SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 ...
S
CVE-2008-6458 SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extensi...
CVE-2008-6459 SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlie...
CVE-2008-6460 SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and ear...
CVE-2008-6461 SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 al...
S
CVE-2008-6462 SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 al...
S
CVE-2008-6463 SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension b...
S
CVE-2008-6464 SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows rem...
E S
CVE-2008-6465 Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere ...
E
CVE-2008-6466 SQL injection vulnerability in image_gallery.php in the Akira Powered Image Gallery (image_gallery) ...
E
CVE-2008-6467 SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel Job Site allows remote attacke...
E
CVE-2008-6468 SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary ...
E
CVE-2008-6469 SQL injection vulnerability in index.php in PlainCart 1.1.2 allows remote attackers to execute arbit...
E
CVE-2008-6470 Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain ...
S
CVE-2008-6471 SQL injection vulnerability in detail.php in MountainGrafix easyLink 1.1.0 allows remote attackers t...
E
CVE-2008-6472 The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of s...
S
CVE-2008-6473 _blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the pass...
E
CVE-2008-6474 The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager ...
CVE-2008-6475 SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake...
E
CVE-2008-6476 Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote attacke...
E
CVE-2008-6477 SQL injection vulnerability in Mumbo Jumbo Media OP4 allows remote attackers to execute arbitrary SQ...
E
CVE-2008-6478 Cross-site request forgery (CSRF) vulnerability in the file manager in the VZPP web interface for Pa...
E
CVE-2008-6479 Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web int...
E
CVE-2008-6480 Cross-site request forgery (CSRF) vulnerability in engine/modules/imagepreview.php in Datalife Engin...
CVE-2008-6481 SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo ...
E
CVE-2008-6482 PHP remote file inclusion vulnerability in admin.treeg.php in the Flash Tree Gallery (com_treeg) com...
E
CVE-2008-6483 PHP remote file inclusion vulnerability in admin.googlebase.php in the Ecom Solutions VirtueMart Goo...
E
CVE-2008-6484 SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) a...
E
CVE-2008-6485 SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to...
E
CVE-2008-6486 PHP remote file inclusion vulnerability in slideshow_uploadvideo.content.php in SharedLog, when regi...
CVE-2008-6487 Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow ...
E
CVE-2008-6488 SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attacker...
E
CVE-2008-6489 SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attacke...
E
CVE-2008-6490 function/update_xml.php in FLABER 1.1 and earlier allows remote attackers to overwrite arbitrary fil...
E
CVE-2008-6491 PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers to e...
E
CVE-2008-6492 Unrestricted file upload vulnerability in process.php in Tizag Countdown Creator 3 allows remote att...
E
CVE-2008-6493 Easy Content Management Publishing stores sensitive information under the web root with insufficient...
E
CVE-2008-6494 ASP User Engine.NET stores sensitive information under the web root with insufficient access control...
E
CVE-2008-6495 Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - ...
E
CVE-2008-6496 Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0....
E
CVE-2008-6497 The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service (network outa...
E
CVE-2008-6498 Cross-site request forgery (CSRF) vulnerability in security/xamppsecurity.php in XAMPP 1.6.8 allows ...
E
CVE-2008-6499 security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal ar...
E
CVE-2008-6500 Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote attacker...
E
CVE-2008-6501 Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro Chat Rooms 3.0.2 allows remote...
E
CVE-2008-6502 Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remote authenticated users to selec...
E
CVE-2008-6503 Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to ...
E
CVE-2008-6504 ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Ap...
E S
CVE-2008-6505 Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2...
CVE-2008-6506 Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restricti...
CVE-2008-6507 Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via...
CVE-2008-6508 Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a an...
E S
CVE-2008-6509 SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote...
E
CVE-2008-6510 Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and ea...
E
CVE-2008-6511 Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to r...
E
CVE-2008-6512 Cross-domain vulnerability in the WorkerPool API in Google Gears before 0.5.4.2 allows remote attack...
E
CVE-2008-6513 Unrestricted file upload vulnerability in saa.php in Andy's PHP Knowledgebase (aphpkb) 0.92.9 allows...
E S
CVE-2008-6514 The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical access to drag the screen sa...
E S
CVE-2008-6515 Cross-site scripting (XSS) vulnerability in Fritz Berger yet another php photo album - next generati...
E
CVE-2008-6516 Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to include ...
E
CVE-2008-6517 SQL injection vulnerability in NewsHOWLER 1.03 Beta allows remote attackers to execute arbitrary SQL...
E
CVE-2008-6518 Unrestricted file upload vulnerability in the profile feature in VidiScript allows registered remote...
E
CVE-2008-6519 Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, al...
E
CVE-2008-6520 Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly ot...
E
CVE-2008-6521 index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attackers to obtain sensitive infor...
CVE-2008-6522 Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php i...
E
CVE-2008-6523 auth.php in openInvoice 0.90 beta and earlier allows remote attackers to bypass authentication and g...
E
CVE-2008-6524 resetpass.php in openInvoice 0.90 beta and earlier allows remote authenticated users to change the p...
E
CVE-2008-6525 SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows...
E
CVE-2008-6526 SQL injection vulnerability in index.php in BosDev BosClassifieds allows remote attackers to execute...
E
CVE-2008-6527 SQL injection vulnerability in forum.asp in GO4I.NET ASP Forum 1.0 allows remote attackers to execut...
E
CVE-2008-6528 NTFS TmaxSoft JEUS 5 before Fix 26 allows remote attackers to read the source code for scripts by ap...
E
CVE-2008-6529 Cross-site scripting (XSS) vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows rem...
E
CVE-2008-6530 Unrestricted file upload vulnerability in editimage.php in eZoneScripts Living Local 1.1 allows remo...
E
CVE-2008-6531 The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers to i...
S
CVE-2008-6532 Multiple cross-site request forgery (CSRF) vulnerabilities in the update feature in Drupal 5.x befor...
S
CVE-2008-6533 Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related content when an input format i...
S
CVE-2008-6534 Incomplete blacklist vulnerability in NULL FTP Server Free and Pro 1.1.0.7 allows remote authenticat...
E
CVE-2008-6535 admin/settings.php in PayPal eStores allows remote attackers to bypass intended access restrictions ...
E
CVE-2008-6536 Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and remote attack vectors, as dem...
S
CVE-2008-6537 LightNEasy/lightneasy.php in LightNEasy No database version 1.2 allows remote attackers to obtain th...
E
CVE-2008-6538 DeStar 0.2.2-5 allows remote attackers to add arbitrary users via a direct request to config/add/Cfg...
E
CVE-2008-6539 Static code injection vulnerability in user/settings/ in DeStar 0.2.2-5 allows remote authenticated ...
E
CVE-2008-6540 DotNetNuke before 4.8.2, during installation or upgrade, does not warn the administrator when the de...
E
CVE-2008-6541 Unrestricted file upload vulnerability in the file manager module in DotNetNuke before 4.8.2 allows ...
CVE-2008-6542 Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated...
CVE-2008-6543 Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the ...
E
CVE-2008-6544 Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF) 1.1.4 allow remote...
E
CVE-2008-6545 PHP remote file inclusion vulnerability in news/include/createdb.php in Web Server Creator Web Porta...
E
CVE-2008-6546 Unspecified vulnerability in phpns before 2.1.3 has unknown impact and attack vectors related to "ac...
S
CVE-2008-6547 schema.py in FormEncode for Python (python-formencode) 1.0 does not apply the chained_validators fea...
S
CVE-2008-6548 The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, wh...
CVE-2008-6549 The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and pytho...
E
CVE-2008-6550 Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire 2.0 allows remote attackers t...
E
CVE-2008-6551 Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and earlier, when magic_quotes_gp...
E
CVE-2008-6552 Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink at...
CVE-2008-6553 microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require ...
E
CVE-2008-6554 cgi-bin/script in Aztech ADSL2/2+ 4-port router 3.7.0 build 070426 allows remote attackers to execut...
E
CVE-2008-6555 cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote attackers to execute arbitrary command...
E
CVE-2008-6556 cgi-bin/webutil.pl in The Puppet Master WebUtil 2.3 allows remote attackers to execute arbitrary com...
E
CVE-2008-6557 cgi-bin/webutil.pl in The Puppet Master WebUtil 2.7 allows remote attackers to execute arbitrary com...
E
CVE-2008-6558 Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7....
E S
CVE-2008-6559 Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a ...
E S
CVE-2008-6560 Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Li...
CVE-2008-6561 Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" ...
S
CVE-2008-6562 Cross-site scripting (XSS) vulnerability in jax_linklists.php in Jack (tR) Jax LinkLists 1.00 allows...
E
CVE-2008-6563 Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers...
E
CVE-2008-6564 Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable s...
CVE-2008-6565 Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote att...
CVE-2008-6566 Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown impact and attack vectors related ...
CVE-2008-6567 Multiple cross-site scripting (XSS) vulnerabilities in Gallarific Free Edition allow remote attacker...
E
CVE-2008-6568 Unrestricted file upload vulnerability in Yehe 2.0 allows remote attackers to execute arbitrary code...
CVE-2008-6569 Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijac...
CVE-2008-6570 Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allo...
S
CVE-2008-6571 Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.4 might allow remote attack...
CVE-2008-6572 SQL injection vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers...
CVE-2008-6573 Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communi...
CVE-2008-6574 Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and ...
CVE-2008-6575 Unspecified vulnerability in the SIP server in SIP Enablement Services (SES) in Avaya Communication ...
CVE-2008-6576 Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communi...
CVE-2008-6577 Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x co...
CVE-2008-6578 Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attacke...
CVE-2008-6579 Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure ...
CVE-2008-6580 The Red_Reservations script for ColdFusion stores sensitive information under the web root with insu...
E
CVE-2008-6581 login.php in PhpAddEdit 1.3 allows remote attackers to bypass authentication and gain administrative...
E S
CVE-2008-6582 SQL injection vulnerability in index.php in Miniweb 2.0 allows remote attackers to execute arbitrary...
E
CVE-2008-6583 Buffer overflow in BS.player 2.27 build 959 allows remote attackers to cause a denial of service (cr...
E
CVE-2008-6584 html/index.php in TorrentFlux 2.3 allows remote authenticated users to execute arbitrary code via a ...
E
CVE-2008-6585 Cross-site request forgery (CSRF) vulnerability in html/admin.php in TorrentFlux 2.3 allows remote a...
E
CVE-2008-6586 Cross-site request forgery (CSRF) vulnerability in gui/index.php in µTorrent (uTorrent) WebUI 0.315 ...
E
CVE-2008-6587 Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI),...
E
CVE-2008-6588 Aztech ADSL2/2+ 4-port router has a default "isp" account with a default "isp" password, which allow...
E
CVE-2008-6589 Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy "no database" (aka flat) version 1...
E
CVE-2008-6590 Multiple directory traversal vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, a...
E
CVE-2008-6591 LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allows remote ...
E
CVE-2008-6592 thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and ...
E
CVE-2008-6593 SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allo...
E
CVE-2008-6594 SQL injection vulnerability in the cm_rdfexport extension for TYPO3 allows remote attackers to execu...
CVE-2008-6595 SQL injection vulnerability in the pmk_rssnewsexport extension for TYPO3 allows remote attackers to ...
CVE-2008-6596 SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute...
E
CVE-2008-6597 Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remot...
E
CVE-2008-6598 Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "...
CVE-2008-6599 cookiecheck.php in CookieCheck 1.0 stores tmp/cc_sessions under the web root with insufficient acces...
E S
CVE-2008-6600 Cross-site scripting (XSS) vulnerability in the search feature in XMLPortal 3.0 allows remote attack...
CVE-2008-6601 Unspecified vulnerability in Epona 1.5rc3 allows remote attackers to obtain the real IP address of u...
CVE-2008-6602 Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors r...
CVE-2008-6603 MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, whic...
E
CVE-2008-6604 Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to incl...
E
CVE-2008-6605 Cross-site request forgery (CSRF) vulnerability in the xslt script in the web-based management inter...
E
CVE-2008-6606 SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute ar...
E
CVE-2008-6607 Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers ...
E
CVE-2008-6608 Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers t...
E
CVE-2008-6609 Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote at...
E
CVE-2008-6610 Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote att...
E
CVE-2008-6611 SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arb...
E
CVE-2008-6612 Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote atta...
E
CVE-2008-6613 uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers t...
E
CVE-2008-6614 Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro ...
E
CVE-2008-6615 SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to ex...
E
CVE-2008-6616 Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote at...
E
CVE-2008-6617 Unrestricted file upload vulnerability in adm/visual/upload.php in SiteXS CMS 0.1.1 allows remote at...
E
CVE-2008-6618 Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrar...
E
CVE-2008-6619 Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote attacke...
E
CVE-2008-6620 Multiple cross-site scripting (XSS) vulnerabilities in javascript/editor/editor/filemanager/browser/...
E
CVE-2008-6621 Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial o...
CVE-2008-6622 SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02, 1.01...
E
CVE-2008-6623 SQL injection vulnerability in getin.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02 and earlie...
E
CVE-2008-6624 SQL injection vulnerability in getin.php in WEBBDOMAIN Petition 1.02, 2.0, and 3.0 allows remote att...
E
CVE-2008-6625 SQL injection vulnerability in getin.php in WEBBDOMAIN Polls (aka Poll) 1.0 and 1.01 allows remote a...
E
CVE-2008-6626 SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and earlier allows remote attackers...
E
CVE-2008-6627 SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1.1, 1.02, and earlier allows re...
E
CVE-2008-6628 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-6268. Reason: This candida...
R
CVE-2008-6629 Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online ...
E
CVE-2008-6630 Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows rem...
S
CVE-2008-6631 Multiple cross-site scripting (XSS) vulnerabilities in index.php in BlogPHP 2.0 allow remote attacke...
E
CVE-2008-6632 SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attack...
E
CVE-2008-6633 SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL c...
E
CVE-2008-6634 SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL c...
E
CVE-2008-6635 PHP remote file inclusion vulnerability in skins/default.php in Geody Labs Dagger - The Cutting Edge...
E S
CVE-2008-6636 PHP remote file inclusion vulnerability in skins/default.php in Geody Labs Dagger - The Cutting Edge...
E
CVE-2008-6637 Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI ...
E
CVE-2008-6638 Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.d...
E
CVE-2008-6639 Cross-site request forgery (CSRF) vulnerability in admin.php in AjaXplorer 2.3.3 and 2.3.4 allows re...
E
CVE-2008-6640 Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary S...
E
CVE-2008-6641 Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators...
E
CVE-2008-6642 SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execu...
E
CVE-2008-6643 LokiCMS 0.3.4 and possibly earlier versions does not properly restrict access to administrative func...
E
CVE-2008-6644 Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke 4.8.3 and earlier allows remo...
E
CVE-2008-6645 Cross-site scripting (XSS) vulnerability in Opencosmo VisualSentinel 0.7 allows remote attackers to ...
CVE-2008-6646 Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remo...
E
CVE-2008-6647 SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to exe...
E
CVE-2008-6648 SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attacke...
E
CVE-2008-6649 SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1...
E
CVE-2008-6650 del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request wi...
E
CVE-2008-6651 Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attac...
E
CVE-2008-6652 SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQ...
E
CVE-2008-6653 SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module be...
E
CVE-2008-6654 Cross-site scripting (XSS) vulnerability in search_results.php in InfoBiz Server allows remote attac...
CVE-2008-6655 Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to i...
E
CVE-2008-6656 Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to exe...
E
CVE-2008-6657 Cross-site request forgery (CSRF) vulnerability in index.php in Simple Machines Forum (SMF) 1.0 befo...
E
CVE-2008-6658 Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and ...
E
CVE-2008-6659 Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and ...
E
CVE-2008-6660 Unrestricted file upload vulnerability in bigdump.php in Alexey Ozerov BigDump 0.29b allows remote a...
CVE-2008-6661 Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow...
CVE-2008-6662 AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote attackers to cause a denial of ...
CVE-2008-6663 SQL injection vulnerability in profile.php in PHPAuctions.info PHPAuctions (aka PHPAuctionSystem) al...
E
CVE-2008-6664 action.php in SH-News 3.0 allows remote attackers to bypass authentication and gain administrator pr...
E
CVE-2008-6665 change.php in Ananta CMS 1.0b5, with magic_quotes_gpc disabled, allows remote attackers to gain admi...
E
CVE-2008-6666 Multiple cross-site scripting (XSS) vulnerabilities in Kronos webTA allow remote attackers to inject...
CVE-2008-6667 A+ PHP Scripts News Management System (NMS) allows remote attackers to bypass authentication and gai...
E
CVE-2008-6668 Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to...
E
CVE-2008-6669 viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to execute arbitrary code via shell...
E
CVE-2008-6670 Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of s...
E
CVE-2008-6671 Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite loo...
E
CVE-2008-6672 Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service ("runtime err...
E
CVE-2008-6673 asp/bs_login.asp in QuickerSite 1.8.5 does not properly restrict access to administrative functional...
E
CVE-2008-6674 mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via...
CVE-2008-6675 Multiple cross-site scripting (XSS) vulnerabilities in QuickerSite 1.8.5 allow remote attackers to i...
E
CVE-2008-6676 QuickerSite 1.8.5 allows remote attackers to obtain sensitive information via a request to showThumb...
E
CVE-2008-6677 Unrestricted file upload vulnerability in fckeditor251/editor/filemanager/connectors/asp/upload.asp ...
E
CVE-2008-6678 SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers...
CVE-2008-6679 Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allo...
CVE-2008-6680 libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) vi...
CVE-2008-6681 Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo before 1.1 allows remote attackers ...
E
CVE-2008-6682 Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x...
S
CVE-2008-6683 Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote at...
E
CVE-2008-6684 Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote att...
E
CVE-2008-6685 Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for ...
S
CVE-2008-6686 SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remot...
S
CVE-2008-6687 Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension...
S
CVE-2008-6688 Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension ...
S
CVE-2008-6689 SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 all...
S
CVE-2008-6690 Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 ...
CVE-2008-6691 SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0....
CVE-2008-6692 SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension...
CVE-2008-6693 SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3...
S
CVE-2008-6694 SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to...
CVE-2008-6695 SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier exte...
S
CVE-2008-6696 SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows...
S
CVE-2008-6697 SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYP...
S
CVE-2008-6698 Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier exte...
CVE-2008-6699 Cross-site scripting (XSS) vulnerability in Resource Library (tjs_reslib) 0.1.0 and earlier extensio...
CVE-2008-6700 Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attack...
E
CVE-2008-6701 NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access t...
CVE-2008-6702 S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of ...
E
CVE-2008-6703 Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of Chern...
E
CVE-2008-6704 Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1...
CVE-2008-6705 The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and ea...
E
CVE-2008-6706 Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Service...
CVE-2008-6707 The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya ...
CVE-2008-6708 Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x...
CVE-2008-6709 Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x...
CVE-2008-6710 Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x b...
CVE-2008-6711 Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x b...
CVE-2008-6712 The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and earlier allows remote attacker...
E
CVE-2008-6713 World in Conflict (WIC) 1.008 and earlier allows remote attackers to cause a denial of service (acce...
E
CVE-2008-6714 admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to bypass authentication and access...
E
CVE-2008-6715 Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote a...
E
CVE-2008-6716 homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentica...
E
CVE-2008-6717 U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in th...
E
CVE-2008-6718 U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the ad...
E
CVE-2008-6719 U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for al...
E
CVE-2008-6720 SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows ...
E
CVE-2008-6721 SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute ...
E
CVE-2008-6722 Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physic...
CVE-2008-6723 TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain admi...
E
CVE-2008-6724 Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste 1.0 allows remote attackers to ...
S
CVE-2008-6725 Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute a...
E
CVE-2008-6726 Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allo...
E S
CVE-2008-6727 Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x v...
E
CVE-2008-6728 SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote a...
E
CVE-2008-6729 Multiple cross-site request forgery (CSRF) vulnerabilities in password.php in PHPmotion 2.1 and earl...
E
CVE-2008-6730 Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, wh...
E
CVE-2008-6731 Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote atta...
E
CVE-2008-6732 Cross-site scripting (XSS) vulnerability in the Language skin object in DotNetNuke before 4.8.4 allo...
CVE-2008-6733 Cross-site scripting (XSS) vulnerability in the error handling page in DotNetNuke 4.6.2 through 4.8....
CVE-2008-6734 Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote...
E
CVE-2008-6735 Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 allows remote attackers to read...
E
CVE-2008-6736 Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote...
E
CVE-2008-6737 Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real ...
E
CVE-2008-6738 MyShoutPro 1.2 allows remote attackers to bypass authentication and gain administrative access by se...
E
CVE-2008-6739 Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.a...
E
CVE-2008-6740 PHP remote file inclusion vulnerability in html/admin/modules/plugin_admin.php in HoMaP-CMS 0.1 allo...
E
CVE-2008-6741 SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and earlier allows remo...
E
CVE-2008-6742 Foxy P2P software allows remote attackers to cause a denial of service (memory consumption) via a fo...
E
CVE-2008-6743 RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges b...
E
CVE-2008-6744 Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), an...
CVE-2008-6745 index.php in BlogPHP 2.0 allows remote attackers to gain administrator privileges via a crafted emai...
E
CVE-2008-6746 Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 bef...
CVE-2008-6747 dotProject before 2.1.2 does not properly restrict access to administrative pages, which allows remo...
CVE-2008-6748 Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers to inject and execute arbitra...
E
CVE-2008-6749 Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_...
E
CVE-2008-6750 Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers ...
E
CVE-2008-6751 Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou M...
E
CVE-2008-6752 adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verif...
E
CVE-2008-6753 SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrar...
S
CVE-2008-6754 The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote authenticated users to read the...
CVE-2008-6755 ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and se...
S
CVE-2008-6756 ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.conf, which allows local users t...
CVE-2008-6757 Cross-site scripting (XSS) vulnerability in manuals_search.php in ViArt Shop (aka Shopping Cart) 3.5...
CVE-2008-6758 Cross-site request forgery (CSRF) vulnerability in cart_save.php in ViArt Shop (aka Shopping Cart) 3...
E
CVE-2008-6759 ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL...
E
CVE-2008-6760 ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an un...
E
CVE-2008-6761 Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote at...
E
CVE-2008-6762 Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote atta...
E
CVE-2008-6763 login2.php in Silentum LoginSys 1.0.0 allows remote attackers to bypass authentication and obtain ac...
E
CVE-2008-6764 Cross-site scripting (XSS) vulnerability in login.php in Silentum LoginSys 1.0.0 allows remote attac...
E
CVE-2008-6765 ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to access the contents of an arbitrary sh...
E
CVE-2008-6766 cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to cause a denial of ser...
CVE-2008-6767 wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the applicatio...
E
CVE-2008-6768 Unrestricted file upload vulnerability in admin/editor/images.php in K&S Shopsoftware allows remote ...
E
CVE-2008-6769 Unrestricted file upload vulnerability in upload.php in YourPlace 1.0.2 and earlier allows remote au...
E
CVE-2008-6770 YourPlace 1.0.2 and earlier stores sensitive information under the web root with insufficient access...
E
CVE-2008-6771 YourPlace 1.0.2 and earlier allows remote attackers to obtain sensitive system information via a dir...
E
CVE-2008-6772 login/register_form.php in YourPlace 1.0.2 and earlier does not check that a username already exists...
E
CVE-2008-6773 Static code injection vulnerability in user/internettoolbar/edit.php in YourPlace 1.0.2 and earlier ...
E
CVE-2008-6774 internettoolbar/edit.php in YourPlace 1.0.2 and earlier does not end execution when an invalid usern...
CVE-2008-6775 HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to cause denial of service (CPU con...
CVE-2008-6776 SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remo...
E
CVE-2008-6777 Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to exec...
E
CVE-2008-6778 SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote atta...
E
CVE-2008-6779 SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute a...
E
CVE-2008-6780 SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remo...
E
CVE-2008-6781 SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remo...
E
CVE-2008-6782 SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows ...
E
CVE-2008-6783 SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory a...
E
CVE-2008-6784 SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Adult Directory allows re...
E
CVE-2008-6785 Unrestricted file upload vulnerability in Mini File Host 1.5 allows remote attackers to execute arbi...
E
CVE-2008-6786 Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote ...
E S
CVE-2008-6787 SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and earlier allows re...
E
CVE-2008-6788 SQL injection vulnerability in MindDezign Photo Gallery 2.2, when magic_quotes_gpc is disabled, allo...
E
CVE-2008-6789 SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbit...
E
CVE-2008-6790 The admin module in MindDezign Photo Gallery 2.2 allows remote attackers to add administrative users...
E
CVE-2008-6791 PumpKIN TFTP Server 2.7.2.0 allows remote attackers to cause a denial of service via a write request...
E
CVE-2008-6792 system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME...
CVE-2008-6793 The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote att...
E S
CVE-2008-6794 SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote at...
E
CVE-2008-6795 SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote attackers to e...
E
CVE-2008-6796 SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows rem...
E
CVE-2008-6797 The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Excha...
CVE-2008-6798 Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow r...
E
CVE-2008-6799 connection.php in FlashChat 5.0.8 allows remote attackers to bypass the role filter mechanism and ga...
E
CVE-2008-6800 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not...
R
CVE-2008-6801 Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before 4.0.4 allows remote attackers to...
CVE-2008-6802 Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to...
E
CVE-2008-6803 SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi Portali allows remote attackers to e...
E
CVE-2008-6804 Tribiq CMS 5.0.9a beta allows remote attackers to bypass authentication and gain administrative acce...
E
CVE-2008-6805 Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_quotes_gpc is disabled, allow r...
E
CVE-2008-6806 Unrestricted file upload vulnerability in includes/imageupload.php in 7Shop 1.1 and earlier allows r...
E
CVE-2008-6807 PHP remote file inclusion vulnerability in ListRecords.php in osprey 1.0a4.1 allows remote attackers...
E
CVE-2008-6808 SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ Link Directory allows remote ...
E
CVE-2008-6809 SQL injection vulnerability in hotel_habitaciones.php in Venalsur Booking Centre Booking System for ...
E
CVE-2008-6810 Multiple SQL injection vulnerabilities in admin/checklogin.php in Venalsur Booking Centre Booking Sy...
E
CVE-2008-6811 Unrestricted file upload vulnerability in image_processing.php in the e-Commerce Plugin 3.4 and earl...
E
CVE-2008-6812 SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers ...
E
CVE-2008-6813 SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to ...
E
CVE-2008-6814 Unrestricted file upload vulnerability in image_upload.php in the SimpleBoard (com_simpleboard) comp...
E
CVE-2008-6815 mykdownload.php in MyKtools 2.4 does not require administrative authentication, which allows remote ...
E
CVE-2008-6816 Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitra...
CVE-2008-6817 Mole Group Lastminute Script 4.0 and earlier stores passwords in cleartext, which allows context-dep...
CVE-2008-6818 Mole Group Real Estate Script 1.1 and earlier stores passwords in cleartext, which allows context-de...
CVE-2008-6819 win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of servic...
E
CVE-2008-6820 The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 on Windows runs with...
S
CVE-2008-6821 Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 might...
S
CVE-2008-6822 Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload...
E
CVE-2008-6823 Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface on the A-LINK...
E S
CVE-2008-6824 The management interface on the A-LINK WL54AP3 and WL54AP2 access points has a blank default passwor...
E S
CVE-2008-6825 Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows ...
E
CVE-2008-6826 dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary commands via shell metacharac...
E
CVE-2008-6827 The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x bef...
S
CVE-2008-6828 Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account ...
S
CVE-2008-6829 VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that sta...
E
CVE-2008-6830 The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does no...
S
CVE-2008-6831 Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA Enterprise Edition 3.13 allow ...
S
CVE-2008-6832 Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA Enterprise Edition 3.13 allows rem...
CVE-2008-6833 Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote atta...
E
CVE-2008-6834 Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote attacker...
E
CVE-2008-6835 Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, a module for Drupal, allows r...
S
CVE-2008-6836 Cross-site request forgery (CSRF) vulnerability in OpenID 5.x before 5x.-1.2, a module for Drupal, a...
S
CVE-2008-6837 SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to execute arbitrary SQL command...
E
CVE-2008-6838 Cross-site scripting (XSS) vulnerability in search.php in Zoph 0.7.2.1 allows remote attackers to in...
E
CVE-2008-6839 Multiple cross-site scripting (XSS) vulnerabilities in TGS Content Management 0.3.2r2 allow remote a...
E
CVE-2008-6840 Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote attackers to exec...
E
CVE-2008-6841 PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting ...
E
CVE-2008-6842 Directory traversal vulnerability in data/modules/blog/module_pages_site.php in Pluck 4.6.1 allows r...
E
CVE-2008-6843 Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remot...
E
CVE-2008-6844 The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions ...
E
CVE-2008-6845 The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service...
CVE-2008-6846 Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow r...
CVE-2008-6847 Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in Pre ASP Job Board allows remot...
E
CVE-2008-6848 Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards 3.7 allows remote attackers t...
E
CVE-2008-6849 Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to ...
E
CVE-2008-6850 Cross-site scripting (XSS) vulnerability in messages.php in PHP-Fusion 6.01.17 and 7.00.3 allows rem...
S
CVE-2008-6851 SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is ...
E
CVE-2008-6852 SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows rem...
E
CVE-2008-6853 SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote atta...
E
CVE-2008-6854 Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gai...
E
CVE-2008-6855 Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote attackers to bypass authenticat...
E
CVE-2008-6856 Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and ga...
E
CVE-2008-6857 Absolute Podcast .NET 1.0 allows remote attackers to bypass authentication and gain administrative a...
E
CVE-2008-6858 Absolute Banner Manager .NET 4.0 allows remote attackers to bypass authentication and gain administr...
E
CVE-2008-6859 Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and ga...
E
CVE-2008-6860 Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to bypass authentication and gai...
E
CVE-2008-6861 Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers to bypass authentication and ...
E
CVE-2008-6862 Absolute Content Rotator 6.0 allows remote attackers to bypass authentication and gain administrativ...
E
CVE-2008-6863 Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and...
E
CVE-2008-6864 Xigla Software Absolute Live Support .NET 5.1 allows remote attackers to bypass authentication and g...
E
CVE-2008-6865 SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote atta...
E
CVE-2008-6866 SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote at...
E
CVE-2008-6867 SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attack...
E
CVE-2008-6868 Cross-site scripting (XSS) vulnerability in default/login.php in EditeurScripts EsBaseAdmin 2.1 allo...
E
CVE-2008-6869 Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive information under the web root with in...
E
CVE-2008-6870 Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain se...
E
CVE-2008-6871 Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allow...
E
CVE-2008-6872 ASPThai.NET ASPThai Forums 8.5 stores sensitive information under the web root with insufficient acc...
E
CVE-2008-6873 SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL ...
E
CVE-2008-6874 Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to ...
E
CVE-2008-6875 SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute...
E
CVE-2008-6876 Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires 1.0 allows remote attackers t...
E
CVE-2008-6877 Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, whe...
E
CVE-2008-6878 Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8,...
E
CVE-2008-6879 Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attac...
S
CVE-2008-6880 SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attacker...
E
CVE-2008-6881 Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! all...
E S
CVE-2008-6882 Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php sc...
E
CVE-2008-6883 SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote ...
E
CVE-2008-6884 Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when register_globals is enabled, allow...
E S
CVE-2008-6885 Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attac...
E S
CVE-2008-6886 RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user pr...
S
CVE-2008-6887 SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers t...
E
CVE-2008-6888 Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings 1.0 allows remote ...
E
CVE-2008-6889 SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execut...
E
CVE-2008-6890 SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute a...
E
CVE-2008-6891 Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum Script allow remote attackers to in...
E
CVE-2008-6892 SQL injection vulnerability in lire/index.php in Peel 3.1 allows remote attackers to execute arbitra...
E
CVE-2008-6893 Cross-site scripting (XSS) vulnerability in Alt-N MDaemon WorldClient 10.0.2, when Internet Explorer...
CVE-2008-6894 Multiple cross-site scripting (XSS) vulnerabilities in login.php in 3CX Phone System Free Edition 6....
CVE-2008-6895 3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service or...
CVE-2008-6896 login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is reached, allows remote attackers...
CVE-2008-6897 Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 allow remote attackers to caus...
E
CVE-2008-6898 Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server...
E
CVE-2008-6899 Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of se...
E
CVE-2008-6900 Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript...
E
CVE-2008-6901 Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable, when register_gl...
E
CVE-2008-6902 Unrestricted file upload vulnerability in upload_flyer.php in 2532designs 2532|Gigs 1.2.2 Stable all...
E
CVE-2008-6903 Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus f...
S
CVE-2008-6904 Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products...
CVE-2008-6905 Cross-site request forgery (CSRF) vulnerability in index.php in BabbleBoard 1.1.6 allows remote auth...
E
CVE-2008-6906 Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote attackers t...
E
CVE-2008-6907 Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when ...
E
CVE-2008-6908 Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, uses an insecure hash whe...
S
CVE-2008-6909 Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not sign all require...
S
CVE-2008-6910 Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not use timeouts for...
S
CVE-2008-6911 SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in B...
E
CVE-2008-6912 Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative pri...
E
CVE-2008-6913 Unrestricted file upload vulnerability in editresume_next.php in Zeeways ZEEJOBSITE 2.0 allows remot...
E
CVE-2008-6914 Unrestricted file upload vulnerability in viewprofile.php in Zeeways ZEEPROPERTY 1.0 allows remote a...
E
CVE-2008-6915 Cross-site scripting (XSS) vulnerability in view_prop_details.php in Zeeways ZEEPROPERTY 1.0 allows ...
E
CVE-2008-6916 Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication ...
E
CVE-2008-6917 SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to ...
E
CVE-2008-6918 Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote attacker...
E
CVE-2008-6919 profileedit.php TaskDriver 1.3 and earlier allows remote attackers to bypass authentication and gain...
E
CVE-2008-6920 Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote attackers to e...
E
CVE-2008-6921 Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote attackers to exe...
E
CVE-2008-6922 Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5.4.6 allow remote attackers to...
E
CVE-2008-6923 SQL injection vulnerability in the content component (com_content) 1.0.0 for Joomla! allows remote a...
E
CVE-2008-6924 Multiple cross-site scripting (XSS) vulnerabilities in register.php in eSyndiCat Directory 2.2 allow...
E
CVE-2008-6925 Cross-site scripting (XSS) vulnerability in function.php in Zenphoto 1.1.7 allows remote attackers t...
CVE-2008-6926 Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe ...
E
CVE-2008-6927 Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the F...
E
CVE-2008-6928 Unrestricted file upload vulnerability in PHPStore Complete Classifieds allows remote authenticated ...
E
CVE-2008-6929 Unrestricted file upload vulnerability in PHPStore Auto Classifieds allows remote authenticated user...
E
CVE-2008-6930 Unrestricted file upload vulnerability in PHPStore Real Estate allows remote authenticated users to ...
E
CVE-2008-6931 Unrestricted file upload vulnerability in PHPStore Job Search (aka PHPCareers) allows remote authent...
E
CVE-2008-6932 Unrestricted file upload vulnerability in submit_file.php in AlstraSoft SendIt Pro allows remote att...
E
CVE-2008-6933 Directory traversal vulnerability in index.php in MiniGal b13 (aka MG2) allows remote attackers to r...
E
CVE-2008-6934 Static code injection vulnerability in Sanus|artificium (aka Sanusart) Free simple guestbook PHP scr...
E
CVE-2008-6935 Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command ...
E
CVE-2008-6936 Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command ...
E
CVE-2008-6937 Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command ...
CVE-2008-6938 Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi...
E S
CVE-2008-6939 TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and (1) gain adm...
E
CVE-2008-6940 TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient...
E
CVE-2008-6941 SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows ...
E
CVE-2008-6942 Unrestricted file upload vulnerability in ScriptsFeed Realtor Classifieds System (aka Real Estate Cl...
E
CVE-2008-6943 Unrestricted file upload vulnerability in ScriptsFeed Recipes Listing Portal allows remote authentic...
E
CVE-2008-6944 Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds allows remote authenticated u...
E
CVE-2008-6945 Multiple cross-site scripting (XSS) vulnerabilities in Interchange 5.7 before 5.7.1, 5.6 before 5.6....
S
CVE-2008-6946 Cross-site scripting (XSS) vulnerability in manageproject.php in Collabtive 0.4.8 allows user-assist...
E
CVE-2008-6947 Collabtive 0.4.8 allows remote attackers to bypass authentication and create new users, including ad...
E
CVE-2008-6948 Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to exec...
E
CVE-2008-6949 Multiple cross-site request forgery (CSRF) vulnerabilities in Collabtive 0.4.8 allow remote attacker...
E
CVE-2008-6950 Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosting Control Panel 1.20 allow re...
E
CVE-2008-6951 MauryCMS 0.53.2 and earlier does not require administrative authentication for Editors/fckeditor/edi...
E
CVE-2008-6952 SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier allows remote attackers to exe...
E
CVE-2008-6953 Buffer overflow in oovoo.exe in ooVoo 1.7.1.35, and possibly other versions before 1.7.1.59, allows ...
E S
CVE-2008-6954 The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute ...
S
CVE-2008-6955 mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, w...
E
CVE-2008-6956 Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticat...
E
CVE-2008-6957 member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users v...
E
CVE-2008-6958 wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote authenticated users to execute arb...
E
CVE-2008-6959 Insecure method vulnerability in the Chilkat Socket ActiveX control (ChilkatSocket.ChilkatSocket.1) ...
E
CVE-2008-6960 download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote atta...
E
CVE-2008-6961 mailnews in Mozilla Thunderbird before 2.0.0.18 and SeaMonkey before 1.1.13, when JavaScript is enab...
CVE-2008-6962 Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE all...
CVE-2008-6963 admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain ...
E
CVE-2008-6964 SQL injection vulnerability in the login page in X7 Chat 2.0.5 allows remote attackers to execute ar...
E
CVE-2008-6965 AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect b...
E
CVE-2008-6966 AJ Square AJ Auction Pro Platinum Skin #1 sends a redirect but does not exit when it is called direc...
E
CVE-2008-6967 Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impac...
S
CVE-2008-6968 Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to ex...
CVE-2008-6969 Multiple cross-site scripting (XSS) vulnerabilities in checkout.php in Avactis Shopping Cart 1.8.0 a...
CVE-2008-6970 SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attac...
E
CVE-2008-6971 The password reset functionality in Simple Machines Forum (SMF) 1.0.x before 1.0.14, 1.1.x before 1....
E S
CVE-2008-6972 Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content Construction Kit (CCK) 5.x thr...
S
CVE-2008-6973 Multiple unspecified vulnerabilities in IBM WebSphere Commerce 6.0 before 6.0.0.7 have unknown impac...
S
CVE-2008-6974 Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp1 and earlier...
E
CVE-2008-6975 Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp2 allow remot...
E
CVE-2008-6976 MikroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows remote attackers to modify Network ...
E
CVE-2008-6977 Cross-site scripting (XSS) vulnerability in album.asp in Full Revolution aspWebAlbum 3.2 allows remo...
E
CVE-2008-6978 Unrestricted file upload vulnerability in Full Revolution aspWebAlbum 3.2 allows remote attackers to...
E
CVE-2008-6979 Cross-site scripting (XSS) vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, all...
E
CVE-2008-6980 SQL injection vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote at...
CVE-2008-6981 index.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to obtain the full installati...
CVE-2008-6982 Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a allows remote attackers to in...
E S
CVE-2008-6983 modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers to execute arbitrary PHP code v...
E
CVE-2008-6984 Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, allows remote attackers to bypass...
E
CVE-2008-6985 Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 throu...
E
CVE-2008-6986 SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_ca...
E
CVE-2008-6987 Unrestricted file upload vulnerability in eZoneScripts Dating Website script allows remote attackers...
CVE-2008-6988 Multiple cross-site scripting (XSS) vulnerabilities in Easy Photo Gallery (aka Ezphotogallery) 2.1 a...
E
CVE-2008-6989 SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows rem...
E
CVE-2008-6990 SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows rem...
CVE-2008-6991 SQL injection vulnerability in public/page.php in Websens CMSbright allows remote attackers to execu...
E
CVE-2008-6992 GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass t...
E S
CVE-2008-6993 Siemens Gigaset WLAN Camera 1.27 has an insecure default password, which allows remote attackers to ...
CVE-2008-6994 Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in ...
E
CVE-2008-6995 Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote atta...
E
CVE-2008-6996 Google Chrome BETA (0.2.149.27) does not prompt the user before saving an executable file, which mak...
E
CVE-2008-6997 Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser...
E
CVE-2008-6998 Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other...
E S
CVE-2008-6999 phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain configuratio...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.