Export limit exceeded: 364834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364834 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5631 1 Activewebsoftwares 1 Active Ewebquiz 2026-04-23 N/A
SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-5632 1 Activewebsoftwares 1 Active Time Billing 2026-04-23 N/A
SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-5633 1 Activewebsoftwares 1 Activevotes 2026-04-23 N/A
SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-5634 1 Activewebsoftwares 1 Active Force Matrix 2026-04-23 N/A
SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-5635 1 Activewebsoftwares 1 Active Membership 2026-04-23 N/A
SQL injection vulnerability in account.asp in Active Membership 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-5636 1 Lovedesigner 1 Lito Lite Cms 2026-04-23 N/A
SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-5637 1 Parsblogger 1 Parsblogger 2026-04-23 N/A
SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter.
CVE-2008-5638 1 Activewebsoftwares 1 Active Price Comparison 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Active Price Comparison 4 allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter to reviews.aspx or the (2) linkid parameter to links.asp.
CVE-2008-5639 1 Txtblogcms 1 Txtblog 2026-04-23 N/A
Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha allows remote attackers to read arbitrary files via a .. (dot dot) in the m parameter.
CVE-2008-5640 1 Activewebsoftwares 1 Active Bids 2026-04-23 N/A
SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2008-5641 1 Activewebsoftwares 1 Active Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
CVE-2008-5642 1 Cmsmadesimple 1 Cms Made Simple 2026-04-23 N/A
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie.
CVE-2008-5643 2 Joomla, Mambo 3 Com Books, Joomla, Mambo 2026-04-23 N/A
SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php.
CVE-2008-5644 1 Typo3 1 Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-5645 1 Orb Networks 1 Orb 2026-04-23 N/A
Directory traversal vulnerability in the media server in Orb Networks Orb before 2.01.0022 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP GET request.
CVE-2008-5646 1 Trac 1 Trac 2026-04-23 N/A
Unspecified vulnerability in Trac before 0.11.2 allows attackers to cause a denial of service via unknown attack vectors related to "certain wiki markup."
CVE-2008-5647 1 Trac 1 Trac 2026-04-23 N/A
Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors.
CVE-2008-5648 1 Deltascripts 1 Php Shop 2026-04-23 N/A
SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the admin_username parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-5649 1 Alstrasoft 1 Article Manager Pro 2026-04-23 N/A
SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-5650 1 Alstrasoft 1 Webhost Directory 2026-04-23 N/A
SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote attackers to execute arbitrary SQL commands via the pwd parameter.