Export limit exceeded: 346173 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346173 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0491 | 1 Fgallery Project | 1 Fgallery | 2026-04-23 | N/A |
| SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter. | ||||
| CVE-2008-0493 | 1 Irfanview | 1 Irfanview | 2026-04-23 | N/A |
| fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0512 | 1 Joomla | 1 Com Fq | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | ||||
| CVE-2009-3823 | 1 Ac4p | 1 Mobilelib Gold | 2026-04-23 | N/A |
| Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the GLOBALS[page] parameter. | ||||
| CVE-2008-0497 | 1 Nucleus Cms | 1 Nucleus Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS 3.31 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, which is not quoted when processing PHP_SELF. | ||||
| CVE-2008-0498 | 1 Bigware | 1 Bigware Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php. | ||||
| CVE-2008-0499 | 1 Mamboxchange | 1 Laithai | 2026-04-23 | N/A |
| SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-0500 | 1 Mamboxchange | 1 Laithai | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser. | ||||
| CVE-2008-0501 | 1 Sourceforge | 1 Phpmyclub | 2026-04-23 | N/A |
| Directory traversal vulnerability in phpMyClub 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page_courante parameter to the top-level URI. | ||||
| CVE-2008-0502 | 1 Connectix | 1 Connectix Boards | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter. | ||||
| CVE-2009-3824 | 1 Michael J Greenwood | 1 Php Content Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter. | ||||
| CVE-2008-0505 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters. | ||||
| CVE-2008-0506 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-23 | N/A |
| include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php. | ||||
| CVE-2008-0507 | 1 Wordpress | 1 Adserve | 2026-04-23 | N/A |
| SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0508 | 1 Wordpress | 1 Permalinks Migration Plugin | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in deans_permalinks_migration.php in the Dean's Permalinks Migration 1.0 plugin for WordPress allows remote attackers to modify the oldstructure (aka dean_pm_config[oldstructure]) configuration setting as administrators via the old_struct parameter in a deans_permalinks_migration.php action to wp-admin/options-general.php, as demonstrated by placing an XSS sequence in this setting. | ||||
| CVE-2008-0509 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh. | ||||
| CVE-2008-0510 | 2 Joomla, Mambo | 3 Com Newsletter, Com Newsletter, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | ||||
| CVE-2008-0511 | 2 Joomla, Mambo | 2 Com Mamml, Com Mamml | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | ||||
| CVE-2009-3826 | 1 Squidguard | 1 Squidguard | 2026-04-23 | N/A |
| Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL. | ||||
| CVE-2008-0514 | 2 Joomla, Mambo | 2 Glossary, Glossary | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action. | ||||