Export limit exceeded: 363061 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363061 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363061 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0722 1 Pagetool 1 Pagetool 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Pagetool 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter in a pagetool_search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0723 1 Planetluc 1 Mynews 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews 1.6.4, and other earlier 1.6.x versions, allows remote attackers to inject arbitrary web script or HTML via the hash parameter in an admin action to index.php, a different vulnerability than CVE-2006-2208.1.
CVE-2008-0724 1 The Everything Development Company 1 The Everything Development Engine 2026-04-23 N/A
The Everything Development Engine in The Everything Development System Pre-1.0 and earlier stores passwords in cleartext in a database, which makes it easier for context-dependent attackers to obtain access to user accounts.
CVE-2008-0725 1 Titan 1 Ftp Server 2026-04-23 N/A
Multiple heap-based buffer overflows in the (1) FTP service and (2) administration service in Titan FTP Server 6.0.5.549 allow remote attackers to cause a denial of service (daemon hang) and possibly execute arbitrary code via a long command. NOTE: the USER and PASS commands for the FTP service are covered by CVE-2008-0702.
CVE-2008-0726 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2026-04-23 N/A
Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.
CVE-2008-0727 1 Ibm 1 Informix Dynamic Server 2026-04-23 N/A
Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value.
CVE-2008-0728 1 Clamav 1 Clamav 2026-04-23 N/A
The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."
CVE-2008-0729 1 Apple 3 Iphone, Iphone Os, Mobile Safari 2026-04-23 N/A
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information.
CVE-2008-0730 1 Sun 1 Solaris 2026-04-23 N/A
The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods in Sun Solaris 10 create files and directories with weak permissions under (a) .iiim/le and (b) .Xlocale in home directories, which might allow local users to write to, or read from, the home directories of other users.
CVE-2008-0731 3 Linux, Novell, Suse 3 Linux Kernel, Apparmor, Open Suse 2026-04-23 N/A
The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task.
CVE-2008-0732 2 Apache, Suse 2 Geronimo, Suse Linux 2026-04-23 N/A
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
CVE-2008-0733 1 Cs Team 1 Counter Strike Portal 2026-04-23 N/A
SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page.
CVE-2008-0734 1 Limbo Cms 1 Limbo Cms 2026-04-23 N/A
SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the cuid cookie parameter to admin.php.
CVE-2008-0735 1 Auracms 1 Auracms 2026-04-23 N/A
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter.
CVE-2008-0736 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly other 4.x and 3.x versions, allows remote attackers to obtain the path via a certain value of the FedExAccount parameter.
CVE-2008-0737 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter.
CVE-2008-0738 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idcust parameter to (a) ajax_getTiers.asp and (b) ajax_getCust.asp in ajax/, and the (2) tableName parameter to (c) ajax/ajax_tableFields.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0739 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
SQL injection vulnerability in admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and earlier 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the FedExAccount parameter.
CVE-2008-0740 1 Ibm 1 Websphere Application Server 2026-04-23 N/A
IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) and 6.1 before Fix Pack 15 (6.1.0.15) writes unspecified cleartext information to http_plugin.log, which might allow local users to obtain sensitive information by reading this file.
CVE-2008-0741 1 Ibm 1 Websphere Application Server 2026-04-23 N/A
Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) has unknown impact and attack vectors.