Export limit exceeded: 364514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364514 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4595 1 Slaytanic Scripts 1 Content Plus 2026-04-23 N/A
Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus 2.1.1 have unknown impact and remote attack vectors.
CVE-2008-4596 1 Drupal 1 Shindig-integrator 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Shindig-Integrator 5.x, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in generated pages.
CVE-2008-4597 1 Drupal 1 Shindig-integrator 2026-04-23 N/A
Shindig-Integrator 5.x, a module for Drupal, does not properly restrict generated page access, which allows remote attackers to gain privileges via unspecified vectors.
CVE-2008-4598 1 Drupal 1 Shindig-integrator 2026-04-23 N/A
Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drupal, has unspecified impact and remote attack vectors related to "numerous flaws" that are not related to XSS or access control, a different vulnerability than CVE-2008-4596 and CVE-2008-4597.
CVE-2008-4599 1 Mosaic Commerce 1 Mosaic Commerce 2026-04-23 N/A
SQL injection vulnerability in category.php in Mosaic Commerce allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-4600 1 Steve Dawson 1 Pokermax Poker League Tournament Script 2026-04-23 N/A
configure.php in PokerMax Poker League Tournament Script 0.13 allows remote attackers to bypass authentication and gain administrative access by setting the ValidUserAdmin cookie.
CVE-2008-4602 1 Qualityunit 1 Post Affiliate Pro 2026-04-23 N/A
Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter.
CVE-2008-4603 1 Igaming 1 Cms 2026-04-23 N/A
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
CVE-2008-4604 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
CVE-2008-4605 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php.
CVE-2008-4606 1 Ip Reg 1 Ip Reg 2026-04-23 N/A
Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. NOTE: the vlanview.php and vlandel.php vectors are already covered by CVE-2007-6579.
CVE-2008-4609 12 Bsd, Bsdi, Cisco and 9 more 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more 2026-04-23 N/A
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
CVE-2008-4610 1 Mplayer 1 Mplayer 2026-04-23 N/A
MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718.
CVE-2008-4611 1 Php Arsivimiz 1 Php Ziyaretci Defteri 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-4612 1 Portalapp 1 Portalapp 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2) content.asp.
CVE-2008-4613 1 Portalapp 1 Portalapp 2026-04-23 N/A
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
CVE-2008-4614 1 Portalapp 1 Portalapp 2026-04-23 N/A
PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.
CVE-2008-4615 1 Portalapp 1 Portalapp 2026-04-23 N/A
Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.
CVE-2008-4616 2 The Spanner, Wordpress 2 Spambam Plugin, Spambam Plugin 2026-04-23 N/A
The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key.
CVE-2008-4617 3 Joomla, Mambo-foundation, Pyxicom 3 Joomla, Mambo, Actualite 2026-04-23 N/A
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.