Crypt\ CVEs and Security Vulnerabilities

Export limit exceeded: 346170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 27), (line:1, col:28)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346170 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-0472	1 Woltlab	1 Burning Board	2026-04-23	N/A
Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.
CVE-2008-0473	1 Web Wiz	1 Rich Text Editor	2026-04-23	N/A
RTE_popup_save_file.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to upload (1) .html and (2) .htm files via unspecified vectors.
CVE-2009-3821	2 Apache, Typo3	2 Solr, Typo3	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4079	1 Redmine	1 Redmine	2026-04-23	N/A
Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and earlier allows remote attackers to hijack the authentication of users for requests that delete a ticket via unspecified vectors.
CVE-2008-0477	1 Move Networks Inc	1 Move Media Player	2026-04-23	N/A
Stack-based buffer overflow in the QMPUpgrade.Upgrade.1 ActiveX control in QMPUpgrade.dll 1.0.0.1 in Move Networks Upgrade Manager allows remote attackers to execute arbitrary code via a long first argument to the Upgrade method. NOTE: some of these details are obtained from third party information.
CVE-2008-0478	1 Setcms	1 Setcms	2026-04-23	N/A
Directory traversal vulnerability in index.php in SetCMS 3.6.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the set parameter, as demonstrated by sending a certain CLIENT_IP HTTP header in an enter action to index.php, and injecting PHP sequences into files/enter.set, which is then included by index.php.
CVE-2008-0479	1 Web Wiz	1 Newspad	2026-04-23	N/A
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz NewsPad 1.02 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter.
CVE-2008-0481	1 Web Wiz	1 Rich Text Editor	2026-04-23	N/A
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter in a save action.
CVE-2008-0485	1 Mplayer	1 Mplayer	2026-04-23	N/A
Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.
CVE-2009-3822	2 Fijiwebdesign, Joomla	2 Com Ajaxchat, Joomla\!	2026-04-23	N/A
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter to tests/ajcuser.php.
CVE-2008-0487	1 The Net Guys	1 Aspired2protect	2026-04-23	N/A
Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-0488	1 Vb Marketing	1 Vb Marketing	2026-04-23	N/A
Directory traversal vulnerability in tseekdir.cgi in VB Marketing allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the location parameter.
CVE-2008-0489	1 Clansphere	1 Clansphere	2026-04-23	N/A
Directory traversal vulnerability in install.php in Clansphere 2007.4.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2008-0490	1 Wordpress	1 Wp Cal Plugin	2026-04-23	N/A
SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0491	1 Fgallery Project	1 Fgallery	2026-04-23	N/A
SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter.
CVE-2008-0493	1 Irfanview	1 Irfanview	2026-04-23	N/A
fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information.
CVE-2008-0512	1 Joomla	1 Com Fq	2026-04-23	N/A
SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
CVE-2009-3823	1 Ac4p	1 Mobilelib Gold	2026-04-23	N/A
Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the GLOBALS[page] parameter.
CVE-2008-0497	1 Nucleus Cms	1 Nucleus Cms	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS 3.31 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, which is not quoted when processing PHP_SELF.
CVE-2008-0498	1 Bigware	1 Bigware Shop	2026-04-23	N/A
SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php.

« first previous Page 625 of 17309. next last »