Export limit exceeded: 346145 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346145 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6997 | 1 Google | 1 Chrome | 2026-04-23 | N/A |
| Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser crash) via an IMG tag with a long src attribute, which triggers the crash when the victim performs an "Inspect Element" action. | ||||
| CVE-2008-7000 | 1 Phpauction | 1 Phpauction | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1. | ||||
| CVE-2008-7001 | 1 Creative Mind | 1 Creator Cms | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in the file manager in Creative Mind Creator CMS 5.0 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2008-7002 | 1 Php | 1 Php | 2026-04-23 | N/A |
| PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) passthru, or (5) popen functions, possibly involving pathnames such as "C:" drive notation. | ||||
| CVE-2008-7003 | 1 The-rat-cms | 1 The-rat-cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote attackers to execute arbitrary SQL commands via the (1) user_id and (2) password parameter. | ||||
| CVE-2008-7004 | 1 Elog | 1 Elog | 2026-04-23 | N/A |
| Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c. | ||||
| CVE-2008-7005 | 1 Minb | 1 Minb Is Not A Blog | 2026-04-23 | N/A |
| include/modules/top/1-random_quote.php in Minb Is Not a Blog (minb) 0.1.0 allows remote attackers to execute arbitrary PHP code via the quotes_to_edit parameter. NOTE: this issue has been reported as an unrestricted file upload by some sources, but that is a potential consequence of code execution. | ||||
| CVE-2008-7006 | 1 Phpversion | 1 Php Vx Guestbook | 2026-04-23 | N/A |
| Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php. | ||||
| CVE-2008-7007 | 1 Phpversion | 1 Php Vx Guestbook | 2026-04-23 | N/A |
| Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and gain administrative access by setting the (1) admin_name and (2) admin_pass cookie values to 1. | ||||
| CVE-2008-7008 | 1 Hyperstop | 1 Web Host Directory | 2026-04-23 | N/A |
| HyperStop Web Host Directory 1.2 allows remote attackers to bypass authentication and download a database backup via a direct request to admin/backup/db. | ||||
| CVE-2008-7009 | 1 Checkpoint | 1 Zonealarm | 2026-04-23 | N/A |
| Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-7010 | 1 Skalinks | 1 Exchange Script | 2026-04-23 | N/A |
| Skalfa Software SkaLinks Exchange Script 1.5 allows remote attackers to add new administrators and gain privileges via a direct request to admin/register.php. | ||||
| CVE-2008-7012 | 1 Accellion | 1 Secure File Transfer Appliance | 2026-04-23 | N/A |
| courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters. | ||||
| CVE-2008-7013 | 1 Baidu | 1 Baidu Hi Im | 2026-04-23 | N/A |
| NetService.dll in Baidu Hi IM allows remote servers to cause a denial of service (client crash) via a crafted login response that triggers a divide-by-zero error. | ||||
| CVE-2008-7014 | 1 Fhttpd | 1 Fhttpd | 2026-04-23 | N/A |
| fhttpd 0.4.2 allows remote attackers to cause a denial of service (crash) via an Authorization HTTP header with an invalid character after the Basic value. | ||||
| CVE-2008-7015 | 2 Epic Games, Frontlines | 2 Unreal Tournament, Fuel Of War | 2026-04-23 | N/A |
| Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large length value that triggers a memory allocation failure. | ||||
| CVE-2008-7017 | 1 Cacert | 1 Cacert | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in analyse.php in CAcert 20080921, and possibly other versions before 20080928, allows remote attackers to inject arbitrary web script or HTML via the CN (CommonName) field in the subject of an X.509 certificate. | ||||
| CVE-2008-7019 | 1 Esqlanelapse | 1 Esqlanelapse | 2026-04-23 | N/A |
| Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass authentication and gain privileges via modified (1) enombre and (2) euri cookies. | ||||
| CVE-2008-7020 | 1 Mcafee | 1 Safeboot Device Encryption | 2026-04-23 | N/A |
| McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. | ||||
| CVE-2008-7022 | 1 Chilkatsoft | 1 Chilkat Imap Activex Control | 2026-04-23 | N/A |
| Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote attackers to execute arbitrary programs via the LoadXmlEmail method. | ||||