Export limit exceeded: 363680 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363680 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2479 | 1 Badongo | 1 Phpfix | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php. | ||||
| CVE-2008-2480 | 1 Plusphp | 1 Plusphp Short Url Multi-user Script | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the _pages_dir parameter. | ||||
| CVE-2008-2481 | 1 Phpraider | 1 Phpraider | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb3.functions.php in phpRaider 1.0.7 and 1.0.7a, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[phpbb_path] parameter. | ||||
| CVE-2008-2482 | 1 Insanevisions | 1 Onecms | 2026-04-23 | N/A |
| Directory traversal vulnerability in install_mod.php in insanevisions OneCMS 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter in a go action. | ||||
| CVE-2008-2483 | 1 Xomol | 1 Xomol Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the op parameter. | ||||
| CVE-2008-2484 | 1 Xomol | 1 Xomol Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||
| CVE-2008-2485 | 1 Pcpin | 1 Pcpin Chat | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the URL redirection script (inc/url_redirection.inc.php) in PCPIN Chat before 6.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-2486 | 1 Emule | 1 Emule Plus | 2026-04-23 | N/A |
| Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to "staticservers.dat processing." | ||||
| CVE-2008-2487 | 1 Maxsite | 1 Maxsite | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action. | ||||
| CVE-2008-2488 | 1 Beaussier | 1 Roomphplanning | 2026-04-23 | N/A |
| admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts. | ||||
| CVE-2008-2489 | 1 Typo3 | 1 Sg Zfelib | 2026-04-23 | N/A |
| SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input." | ||||
| CVE-2008-2490 | 1 Typo3 | 1 Kj Imagelightbox2 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (aka kj_imagelightbox2) extension 1.4.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified "user input." | ||||
| CVE-2008-2491 | 1 Hotscripts | 1 Ablespace | 2026-04-23 | N/A |
| SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-2492 | 1 Badongo | 1 Campus Bulletin Board | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp. | ||||
| CVE-2008-2493 | 1 Badongo | 1 Campus Bulletin Board | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus Bulletin Board 3.4 allows remote attackers to inject arbitrary web script or HTML via the review parameter. | ||||
| CVE-2008-2494 | 1 Pancake | 1 Zina | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via the l parameter. | ||||
| CVE-2008-2495 | 1 Pancake | 1 Zina | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to have an unknown impact via a .. (dot dot) in the p parameter. | ||||
| CVE-2008-2496 | 1 Quate | 1 Quate Cms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php. | ||||
| CVE-2008-2497 | 1 Mambo-foundation | 1 Mambo | 2026-04-23 | N/A |
| CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | ||||
| CVE-2008-2498 | 1 Mambo-foundation | 1 Mambo | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information. | ||||