Export limit exceeded: 346176 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346176 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6062 | 1 Adobe | 1 Dreamweaver | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. NOTE: this may overlap CVE-2007-6242, CVE-2007-6244, or CVE-2007-6637. | ||||
| CVE-2008-6076 | 2 Jlleblanc, Joomla | 2 Com Dailymessage, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2008-6079 | 1 Enlightenment | 1 Imlib2 | 2026-04-23 | N/A |
| imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows." | ||||
| CVE-2008-6080 | 2 Codecall, Joomla | 2 Com Ionfiles, Joomla | 2026-04-23 | N/A |
| Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-6082 | 1 Southrivertech | 1 Titan Ftp Server | 2026-04-23 | N/A |
| Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command. | ||||
| CVE-2008-6088 | 2 Joomla, Joomtracker | 2 Joomla, Com Joomtracker | 2026-04-23 | N/A |
| SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php. | ||||
| CVE-2008-6089 | 1 Scriptsez | 1 Easy Image Downloader | 2026-04-23 | N/A |
| Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a download action. | ||||
| CVE-2008-6098 | 1 Mozilla | 1 Bugzilla | 2026-04-23 | N/A |
| Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other versions after 2.17.4 allows remote authenticated users to bypass moderation to approve and disapprove quips via a direct request to quips.cgi with the action parameter set to "approve." | ||||
| CVE-2008-6101 | 1 Ezonescripts | 1 Adult Banner Exchange Website | 2026-04-23 | N/A |
| SQL injection vulnerability in click.php in Adult Banner Exchange Website allows remote attackers to execute arbitrary SQL commands via the targetid parameter. | ||||
| CVE-2009-1027 | 1 Opencart | 1 Opencart | 2026-04-23 | N/A |
| SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers to execute arbitrary SQL commands via the order parameter. | ||||
| CVE-2008-6102 | 1 Ezonescripts | 1 Link Trader Script | 2026-04-23 | N/A |
| SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute arbitrary SQL commands via the lnkid parameter. | ||||
| CVE-2008-6106 | 1 Ibm | 2 Workplace For Business Controls And Reporting, Workplace Web Content Management | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Workplace for Business Controls and Reporting 2.x and IBM Workplace Web Content Management 6.x has unknown impact and remote attack vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6107 | 1 Linux | 1 Linux Kernel | 2026-04-23 | N/A |
| The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.4, omit some virtual-address range (aka span) checks when the mremap MREMAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mremap calls, a related issue to CVE-2008-2137. | ||||
| CVE-2008-6108 | 1 Gwm | 1 Galatolo Webmanager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter. | ||||
| CVE-2008-6109 | 1 Shelter Manager | 1 Animal Shelter Manager | 2026-04-23 | N/A |
| Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not properly enforce the privileges of user accounts, which allows local users to bypass intended access restrictions by (1) opening unspecified screens, related to the "double click selector bug"; or modifying a (2) animal, (3) owner, (4) lost/found, (5) diary note, (6) owner donation, or (7) waiting list record, related to "change permissions" and the "new UI." | ||||
| CVE-2008-6111 | 1 Netart Media | 1 Vlog System | 2026-04-23 | N/A |
| SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter. | ||||
| CVE-2008-6113 | 1 Semanticscuttle | 1 Semanticscuttle | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.90 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the (1) username and (2) profile page. | ||||
| CVE-2008-6141 | 1 Avaya | 1 Ip Soft Phone | 2026-04-23 | N/A |
| Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 allows remote attackers to cause a denial of service (crash) via a large amount of H.323 data. | ||||
| CVE-2008-6142 | 1 China-on-site | 1 Flexphpic | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0.0.3, and other 0.0.x versions, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php. | ||||
| CVE-2008-6143 | 1 Owentechkenya | 1 Owenpoll | 2026-04-23 | N/A |
| OwenPoll 1.0 allows remote attackers to bypass authentication and obtain administrative access via a modified account name in the username cookie. | ||||