Export limit exceeded: 364725 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364725 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5057 1 Aspindir 1 Dizi Portali 2026-04-23 N/A
SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5058 1 Preproject 1 Pre Simple Cms 2026-04-23 N/A
SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5059 1 Modernbill 1 Modernbill 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in ModernBill 4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript event in the new_language parameter in a login action.
CVE-2008-5060 1 Modernbill 1 Modernbill 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the DIR parameter to (1) export_batch.inc.php, (2) run_auto_suspend.cron.php, and (3) send_email_cache.php in include/scripts/; (4) include/misc/mod_2checkout/2checkout_return.inc.php; and (5) include/html/nettools.popup.php, different vectors than CVE-2006-4034 and CVE-2005-1054.
CVE-2008-5061 1 Smolinari 1 Mini Web Calendar 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2008-5062 1 Smolinari 1 Mini Web Calendar 2026-04-23 N/A
Directory traversal vulnerability in php/cal_pdf.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to read arbitrary files via directory traversal sequences in the thefile parameter.
CVE-2008-5063 1 Otmanager 1 Otmanager 2026-04-23 N/A
PHP remote file inclusion vulnerability in Admin/ADM_Pagina.php in OTManager 2.4 allows remote attackers to execute arbitrary PHP code via a URL in the Tipo parameter.
CVE-2008-5064 1 H\&h 1 Websoccer 2026-04-23 N/A
SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5065 1 Easy-script 1 Tlguesbook 2026-04-23 N/A
TlGuestBook 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin.
CVE-2008-5066 1 Agaresmedia 1 Themesitescript 2026-04-23 N/A
PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
CVE-2008-5067 1 Kkeim 1 Kmita Catalogue 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.php in Kmita Catalogue 2.x allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5068 1 Kkeim 1 Kmita Gallery 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery allow remote attackers to inject arbitrary web script or HTML via the (1) begin parameter to index.php and the (2) searchtext parameter to search.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5071 1 Yoxel 1 Yoxel 2026-04-23 N/A
Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and earlier allow remote authenticated users to execute arbitrary PHP code via the proj_id parameter.
CVE-2008-5072 1 K-lite 1 Mega Codec Pack 2026-04-23 N/A
vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers to cause a denial of service (application crash) via a malformed FLV file.
CVE-2008-5073 1 Novell 1 Zenworks Desktop Management 2026-04-23 N/A
Heap-based buffer overflow in an ActiveX control in Novell ZENworks Desktop Management 6.5 allows remote attackers to execute arbitrary code via a long argument to the CanUninstall method.
CVE-2008-5074 1 Php-fusion 2 Freshlinks Module, Php-fusion 2026-04-23 N/A
SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
CVE-2008-5075 1 Scriptsfrenzy 1 E-uploader Pro 2026-04-23 N/A
Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php.
CVE-2008-5076 1 Htop 1 Htop 2026-04-23 N/A
htop 0.7 writes process names to a terminal without sanitizing non-printable characters, which might allow local users to hide processes, modify arbitrary files, or have unspecified other impact via a process name with "crazy control strings."
CVE-2008-5078 2 Gnu, Redhat 2 Escript, Enterprise Linux 2026-04-23 N/A
Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename.
CVE-2008-5079 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2026-04-23 N/A
net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.