Export limit exceeded: 364883 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364883 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1549 1 Agtc 1 Agtc Myshop 2026-04-23 N/A
AGTC MyShop 3.2b allows remote attackers to bypass authentication and obtain administrative access setting the log_accept cookie to "correcto."
CVE-2008-6301 2 Phpbb, Prezmo 2 Phpbb, Small Shoutbox 2026-04-23 N/A
SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action.
CVE-2008-6302 1 Turnkeyforms 1 Local Classifieds 2026-04-23 N/A
TurnkeyForms Local Classifieds allows remote attackers to bypass authentication and gain administrative access via a direct request to Site_Admin/admin.php.
CVE-2008-6303 1 Toursmanager 1 Tours Manager 2026-04-23 N/A
SQL injection vulnerability in tourview.php in ToursManager allows remote attackers to execute arbitrary SQL commands via the tourid parameter.
CVE-2008-6304 1 Xt-commerce 1 Xt-commerce 2026-04-23 N/A
SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled and the SEO URLs are activated, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6305 1 Freedirectoryscript 1 Free Directory Script 2026-04-23 N/A
PHP remote file inclusion vulnerability in init.php in Free Directory Script 1.1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the API_HOME_DIR parameter.
CVE-2008-6306 1 Softbizscripts 1 Classifieds Script 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz Classifieds Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6307 1 E-topbiz 1 Link Back Checker 2026-04-23 N/A
E-topbiz Link Back Checker 1 allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "admin."
CVE-2008-6308 1 Punbb 2 Private Messaging System, Punbb 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and earlier for PunBB allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) header_new_messages.php, (3) profile_send.php, and (4) viewtopic_PM-link.php in include/pms/.
CVE-2008-6309 1 W3matter 1 Askpert 2026-04-23 N/A
SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6310 1 W3matter 1 Revsense 2026-04-23 N/A
SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6311 1 Butterflymedia 1 Butterfly Organizer 2026-04-23 N/A
SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name.
CVE-2008-6312 1 Manzovi 1 Proquiz 2026-04-23 N/A
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-6313 1 Phpaddedit 1 Phpaddedit 2026-04-23 N/A
Directory traversal vulnerability in addedit-render.php in phpAddEdit 1.3, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a URL in the editform parameter. NOTE: PHP remote file inclusion attacks are also likely.
CVE-2008-6314 1 Phpbb 2 Phpbb, Tag Board 2026-04-23 N/A
SQL injection vulnerability in tag_board.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action.
CVE-2008-6315 1 Phpmygallery 1 Phpmygallery 2026-04-23 N/A
PHP remote file inclusion vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote attackers to execute arbitrary PHP code via a URL in the confdir parameter, a different issue than CVE-2008-6316.
CVE-2008-6316 1 Phpmygallery 1 Phpmygallery 2026-04-23 N/A
Directory traversal vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter, a different issue than CVE-2008-6316 and a different vector than CVE-2008-6318.
CVE-2008-6317 1 Phpmygallery 1 Phpmygallery 2026-04-23 N/A
Directory traversal vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf[lang] parameter, a different issue than CVE-2008-6318. NOTE: this might be the same issue as CVE-2008-6316.
CVE-2008-6327 1 Manzovi 1 Proquiz 2026-04-23 N/A
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.
CVE-2008-6318 1 Phpmygallery 1 Phpmygallery 2026-04-23 N/A
PHP remote file inclusion vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter, a different vector than CVE-2008-6317.