Export limit exceeded: 363821 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363821 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2867 1 E-topbiz 1 Viral Dx 1 2026-04-23 N/A
SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter.
CVE-2008-2868 1 Duware 1 Ducalendar 2026-04-23 N/A
SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter.
CVE-2008-2869 1 E-topbiz 1 Link Ads 1 2026-04-23 N/A
SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
CVE-2008-2870 1 Sharecms 1 Sharecms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php.
CVE-2008-2871 1 Pegames 1 Pegames 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in template2.php in PEGames allow remote attackers to inject arbitrary web script or HTML via the (1) sitetitle, (2) sitenav, (3) sitemain, and (4) sitealt parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2872 1 Aspindir 1 Shibby Shop 2026-04-23 N/A
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-2873 1 Aspindir 1 Shibby Shop 2026-04-23 N/A
sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb.
CVE-2008-2874 1 Softbizscripts 1 Softbiz Jokes And Funny Pics Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050.
CVE-2008-2875 1 Webdevindo-cms 1 Webdevindo-cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter.
CVE-2008-2876 1 Munky 1 Munky 2026-04-23 N/A
Directory traversal vulnerability in index.php in mUnky 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the zone parameter.
CVE-2008-2877 1 Cmsworks 1 Cmsworks 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/include/lib.module.php in cmsWorks 2.2 RC4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mod_root parameter.
CVE-2008-2878 1 Yektaweb 1 Academic Web Tools 2026-04-23 N/A
Open redirect vulnerability in rss_getfile.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter.
CVE-2008-2879 1 Benjacms 1 Benja Cms 2026-04-23 N/A
Benja CMS 0.1 does not require authentication for access to admin/, which allows remote attackers to add or delete a menu.
CVE-2008-2880 1 Ibm 1 Afp Viewer Plug-in 2026-04-23 N/A
Heap-based buffer overflow in the IBM AFP Viewer Plug-in 2.0.7.1 and 3.2.1.1 allows remote attackers to execute arbitrary code via a long SRC property value. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2881 1 Relative Real Estate Systems 1 Relative Real Estate Systems 2026-04-23 N/A
Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-2882 1 Aspindir 1 Shibby Shop 2026-04-23 N/A
upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request.
CVE-2008-2883 1 Jamroom 1 Jamroom 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/plugins/jrBrowser/payment.php in Jamroom 3.3.0 through 3.3.5 allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-2884 1 Rss Aggregator 1 Rss Aggregator 2026-04-23 N/A
PHP remote file inclusion vulnerability in display.php in RSS-aggregator allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-2885 1 Odars 1 Odars 2026-04-23 N/A
PHP remote file inclusion vulnerability in src/browser/resource/categories/resource_categories_view.php in Open Digital Assets Repository System (ODARS) 1.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CLASSES_ROOT parameter.
CVE-2008-2886 1 Jamroom 1 Jamroom 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 through 3.3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter.