Export limit exceeded: 364863 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364863 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6115 1 Prozilla 1 Hosting Index 2026-04-23 N/A
SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083.
CVE-2008-6116 2 Extrosoft, Joomla 2 Com Thyme, Joomla 2026-04-23 N/A
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php.
CVE-2008-6117 1 Pilotgroup 1 Pg Job Site Pro 2026-04-23 N/A
SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action.
CVE-2008-6118 1 Goople Cms 1 Goople Cms 2026-04-23 N/A
win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1.
CVE-2008-6119 1 Goople Cms 1 Goople Cms 2026-04-23 N/A
Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6120 1 Socialengine 1 Socialengine 2026-04-23 N/A
SQL injection vulnerability in profile_comments.php in SocialEngine (SE) 2.7 and earlier allows remote attackers to execute arbitrary SQL commands via the comment_secure parameter.
CVE-2008-6121 1 Socialengine 1 Socialengine 2026-04-23 N/A
CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the PHPSESSID cookie.
CVE-2008-6122 1 Netgear 1 Wgr614 2026-04-23 N/A
The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?").
CVE-2008-6123 4 Net-snmp, Opensuse, Redhat and 1 more 4 Net-snmp, Opensuse, Enterprise Linux and 1 more 2026-04-23 N/A
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."
CVE-2008-6124 2 Debian, Moodle 2 Debian Linux, Moodle 2026-04-23 N/A
SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt.
CVE-2008-6125 2 Debian, Moodle 2 Debian Linux, Moodle 2026-04-23 N/A
Unspecified vulnerability in the user editing interface in Moodle 1.5.x, 1.6 before 1.6.6, and 1.7 before 1.7.3 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2008-6126 1 Mozilo 1 Mozilocms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to download.php and the (2) page parameter to index.php, a different vector than CVE-2008-3589.
CVE-2008-6127 1 Mozilo 1 Mozilocms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) page and (2) query parameters to (a) index.php, (3) cat and (4) file parameters to (b) download.php, (5) gal parameter to gallery.php, and the (6) URL to admin/login.php.
CVE-2008-6128 1 Mozilo 1 Mozilocms 2026-04-23 N/A
Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
CVE-2008-6129 1 Mozilo 1 Mozilowiki 2026-04-23 N/A
Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
CVE-2008-6130 1 Mozilo 1 Mozilowiki 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters.
CVE-2008-6131 1 Mozilo 1 Mozilowiki 2026-04-23 N/A
Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
CVE-2008-6132 1 Brickhost 1 Phpscheduleit 2026-04-23 N/A
Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter.
CVE-2008-6133 1 Ozsari 1 Full Php Emlak Script 2026-04-23 N/A
SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942.
CVE-2008-6134 1 Drupal 2 Drupal, Everyblog 2026-04-23 N/A
SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.