Export limit exceeded: 363819 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363819 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363819 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2909 | 1 Clever Copy | 1 Clever Copy | 2026-04-23 | N/A |
| SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter. | ||||
| CVE-2008-2910 | 1 Muvee | 1 Autoproducer | 2026-04-23 | N/A |
| Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distributed in TextOut.dll 6.0.18.1 and mvtextout.dll, in muvee autoProducer 6.0 and 6.1 allows remote attackers to execute arbitrary code via a long FontSetting property value. | ||||
| CVE-2008-2911 | 1 Contenido | 1 Contendio | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters. | ||||
| CVE-2008-2912 | 1 Contenido | 1 Contenido Cms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Contenido CMS 4.8.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenido_path parameter to (a) contenido/backend_search.php; the (2) cfg[path][contenido] parameter to (b) move_articles.php, (c) move_old_stats.php, (d) optimize_database.php, (e) run_newsletter_job.php, (f) send_reminder.php, (g) session_cleanup.php, and (h) setfrontenduserstate.php in contenido/cronjobs/, and (i) includes/include.newsletter_jobs_subnav.php and (j) plugins/content_allocation/includes/include.right_top.php in contenido/; the (3) cfg[path][templates] parameter to (k) includes/include.newsletter_jobs_subnav.php and (l) plugins/content_allocation/includes/include.right_top.php in contenido/; and the (4) cfg[templates][right_top_blank] parameter to (m) plugins/content_allocation/includes/include.right_top.php and (n) contenido/includes/include.newsletter_jobs_subnav.php in contenido/, different vectors than CVE-2006-5380. | ||||
| CVE-2008-2913 | 1 Devalcms | 1 Devalcms | 2026-04-23 | N/A |
| Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php. | ||||
| CVE-2008-2914 | 1 Preprojects | 1 Php Jobwebsite Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in jobseekers/JobSearch3.php (aka the search module) in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the (1) kw or (2) position parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2915 | 1 Preprojects | 1 Pre Job Board | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter. | ||||
| CVE-2008-2916 | 1 Preprojects | 1 Pre Ads Portal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php. | ||||
| CVE-2008-2917 | 1 Preprojects | 1 E-smart Cart | 2026-04-23 | N/A |
| SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2008-2918 | 1 Application Dynamics | 1 Cartweaver | 2026-04-23 | N/A |
| SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3. | ||||
| CVE-2008-2919 | 1 Gryphonllc | 1 Gryphon Gllcts2 | 2026-04-23 | N/A |
| SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the sort parameter. | ||||
| CVE-2008-2920 | 1 Ezcms | 1 Eztechhelp Ezcms | 2026-04-23 | N/A |
| admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files. | ||||
| CVE-2008-2921 | 1 Eztechhelp Company | 1 Ezcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-2922 | 1 T0pp8uzz | 1 Dana Irc Client | 2026-04-23 | N/A |
| Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long IRC message. | ||||
| CVE-2008-2923 | 1 Lyris | 1 List Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in read/search/results in Lyris ListManager 8.8, 8.95, and 9.3d allows remote attackers to inject arbitrary web script or HTML via the words parameter. | ||||
| CVE-2008-2924 | 1 Valarsoft | 1 Webmatic | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-2925 | 1 Valarsoft | 1 Webmatic | 2026-04-23 | N/A |
| SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2926 | 2 Broadcom, Ca | 5 Internet Security Suite, Host Based Intrusion Prevention System, Internet Security Suite 2008 and 2 more | 2026-04-23 | N/A |
| The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. | ||||
| CVE-2008-2927 | 3 Adium, Pidgin, Redhat | 3 Adium, Pidgin, Enterprise Linux | 2026-04-23 | N/A |
| Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955. | ||||
| CVE-2008-2928 | 1 Redhat | 1 Directory Server | 2026-04-23 | N/A |
| Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header. | ||||