Export limit exceeded: 346158 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346158 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0556 | 1 Openca | 1 Openca Pki | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer. | ||||
| CVE-2008-0557 | 1 Mamboserver | 1 Catalogshop | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-0561 | 3 Arthur Konze Webdesign, Joomla, Mambo | 3 Akogallery, Joomla, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-0562 | 1 Mamboserver | 2 Joomla, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-0564 | 2 Mailman, Redhat | 2 Mailman, Enterprise Linux | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates and (2) the list's "info attribute" in the web administrator interface, a different vulnerability than CVE-2006-3636. | ||||
| CVE-2008-0565 | 1 Deltascripts | 1 Php Links | 2026-04-23 | N/A |
| SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0566 | 1 Deltascripts | 1 Php Links | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/smarty.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the full_path_to_public_program parameter. | ||||
| CVE-2008-0567 | 1 Chronoengine | 1 Chronoforms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3) PPS.php in excelwriter/; and (4) BIFFwriter.php, (5) Workbook.php, (6) Worksheet.php, and (7) Format.php in excelwriter/Writer/. | ||||
| CVE-2008-2930 | 2 Fedora, Redhat | 2 Directory Server, Directory Server | 2026-04-23 | N/A |
| Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem. | ||||
| CVE-2009-3833 | 1 Tftgallery | 1 Tftgallery | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter. | ||||
| CVE-2009-4083 | 1 E107 | 1 E107 | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) submitnews.php, (2) usersettings.php; and (3) newpost.php, (4) banlist.php, (5) banner.php, (6) cpage.php, (7) download.php, (8) users_extended.php, (9) frontpage.php, (10) links.php, and (11) mailout.php in e107_admin/. NOTE: this may overlap CVE-2004-2040 and CVE-2006-4794, but there are insufficient details to be certain. | ||||
| CVE-2008-0572 | 1 Mindmeld | 1 Mindmeld | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/. | ||||
| CVE-2008-0573 | 1 Safenet | 3 Ipsecdrv.sys, Safenet Highassurance Remote, Softremote Vpn Client | 2026-04-23 | N/A |
| IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request. | ||||
| CVE-2008-0575 | 1 Webspell | 1 Webspell | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote attackers to assign the superadmin privilege level to arbitrary accounts as administrators via an "update member" action. | ||||
| CVE-2009-3834 | 2 Joomla, Webguerilla | 2 Joomla, Com Photoblog | 2026-04-23 | N/A |
| SQL injection vulnerability in the Photoblog (com_photoblog) component alpha 3 and alpha 3a for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in a blogs action to index.php. | ||||
| CVE-2008-0578 | 1 Tripwire | 1 Tripwire Enterprise | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the web management login page in Tripwire Enterprise 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-0579 | 1 Joomla | 1 Com Buslicense | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action. | ||||
| CVE-2008-0580 | 1 Geert Moernaut | 2 Lsrunase, Supercrypt | 2026-04-23 | N/A |
| Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key without reverse engineering. | ||||
| CVE-2008-0581 | 1 Moernaut | 2 Lsrunase, Supercrypt | 2026-04-23 | N/A |
| Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch. | ||||
| CVE-2008-0582 | 1 Skype Technologies | 1 Skype | 2026-04-23 | N/A |
| Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Full Name field of a reviewer of a business item entry, accessible through (1) the SkypeFind dialog and (2) a skype:?skypefind URI for the skype: URI handler. | ||||