Export limit exceeded: 365158 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365158 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-7242 | 1 Modxcms | 1 Modxcms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1 allo remote attackers to inject arbitrary web script or HTML via the (1) search, (2) "a," (3) messagesubject, and (4) messagebody parameters to certain pages as reachable from manager/index.php; (5) highlight, (6) id, (7) email, (8) name, and (9) parent parameters to index.php; and the (10) docgrp and (11) moreResultsPage parameters to index-ajax.php. | ||||
| CVE-2008-7243 | 1 Modxcms | 1 Modxcms | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS 0.9.6.1 and 0.9.6.1p1 allows remote attackers to hijack the authentication of other users for requests that modify passwords via manager/index.php. NOTE: due to the lack of details, it is not clear whether this is related to CVE-2008-5941. | ||||
| CVE-2008-7244 | 1 Mozilla | 1 Firefox | 2026-04-23 | N/A |
| Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | ||||
| CVE-2008-7245 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera 9.52 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | ||||
| CVE-2008-7246 | 1 Google | 1 Chrome | 2026-04-23 | N/A |
| Google Chrome 0.2.149.29 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | ||||
| CVE-2008-7247 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2026-04-23 | N/A |
| sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink. | ||||
| CVE-2008-6855 | 1 Xigla | 1 Absolute News Feed | 2026-04-23 | N/A |
| Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a certain cookie. | ||||
| CVE-2008-6856 | 1 Xigla | 1 Absolute News Manager.net | 2026-04-23 | N/A |
| Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6857 | 1 Xigla | 1 Absolute Podcast.net | 2026-04-23 | N/A |
| Absolute Podcast .NET 1.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6858 | 1 Xigla | 1 Absolute Banner Manager.net | 2026-04-23 | N/A |
| Absolute Banner Manager .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6859 | 1 Xigla | 1 Absolute Control Panel Xe | 2026-04-23 | N/A |
| Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6860 | 1 Xigla | 1 Absolute Poll Manager Xe | 2026-04-23 | N/A |
| Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6861 | 1 Xigla | 1 Absolute Newsletter | 2026-04-23 | N/A |
| Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6862 | 1 Xigla | 1 Absolute Content Rotator | 2026-04-23 | N/A |
| Absolute Content Rotator 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6863 | 1 Xigla | 1 Absolute Form Processor.net | 2026-04-23 | N/A |
| Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6864 | 1 Xigla | 1 Absolute Live Support .net | 2026-04-23 | N/A |
| Xigla Software Absolute Live Support .NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6865 | 2 Php-nuke, Phpnuke | 2 Sections Module, Php-nuke | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action. | ||||
| CVE-2008-6866 | 1 Php-nuke | 1 Current Issue Module | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action. | ||||
| CVE-2008-6867 | 1 Scripts For Sites | 1 Ez Career | 2026-04-23 | N/A |
| SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter. | ||||
| CVE-2008-6868 | 1 Editeurscripts | 1 Esbaseadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in default/login.php in EditeurScripts EsBaseAdmin 2.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the EsContacts 1.0 issue is covered in CVE-2008-2037. | ||||