Total
288280 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-6097 | 1 Wikyblog | 1 Wikyblog | 2024-11-21 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before 1.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to index.php/Special/Main/keywordSearch, (2) revNum parameter to index.php/Edit/Main/Home, (3) to parameter to index.php/Special/Main/WhatLinksHere, (4) user parameter to index.php/Special/Main/UserEdits, and (5) the PATH_INFO to index.php. | ||||
CVE-2008-6096 | 1 Juniper | 1 Netscreen Screenos | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page. | ||||
CVE-2008-6095 | 1 Opennms | 1 Opennms | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in surveillanceView.htm in OpenNMS 1.5.94 allows remote attackers to inject arbitrary web script or HTML via the viewName parameter. | ||||
CVE-2008-6094 | 1 Celoxis | 1 Celoxis | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in user.do in Celoxis Technologies Celoxis allows remote attackers to inject arbitrary web script or HTML via the ni.smessage parameter. | ||||
CVE-2008-6093 | 1 Noname-cms | 1 Noname Cms | 2024-11-21 | N/A |
SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansicht action and the (2) kategorie parameter in a kategorien action. | ||||
CVE-2008-6092 | 1 Phpscripts | 1 Ranking-script | 2024-11-21 | N/A |
phpscripts Ranking Script allows remote attackers to bypass authentication and gain administrative access by sending an admin=ja cookie. | ||||
CVE-2008-6091 | 1 Bmforum | 1 Bmforum | 2024-11-21 | N/A |
SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter. | ||||
CVE-2008-6090 | 1 Scriptsez | 1 Mini Hosting Panel | 2024-11-21 | N/A |
Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. (dot dot) in the dir parameter in a view action. | ||||
CVE-2008-6089 | 1 Scriptsez | 1 Easy Image Downloader | 2024-11-21 | N/A |
Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a download action. | ||||
CVE-2008-6088 | 2 Joomla, Joomtracker | 2 Joomla, Com Joomtracker | 2024-11-21 | N/A |
SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php. | ||||
CVE-2008-6087 | 1 Camera Life | 1 Camera Life | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | ||||
CVE-2008-6086 | 1 Camera Life | 1 Camera Life | 2024-11-21 | N/A |
SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355. | ||||
CVE-2008-6085 | 1 F-secure | 17 F-secure Anti-virus, F-secure Anti-virus For Citrix Servers, F-secure Anti-virus For Microsoft Exchange and 14 more | 2024-11-21 | N/A |
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow. | ||||
CVE-2008-6084 | 1 .matteoiammarrone | 1 Iamma Simple Gallery | 2024-11-21 | N/A |
Unrestricted file upload vulnerability in pages/download.php in Iamma Simple Gallery 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory. | ||||
CVE-2008-6083 | 1 Txtshop | 1 Txtshop | 2024-11-21 | N/A |
Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
CVE-2008-6082 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | N/A |
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command. | ||||
CVE-2008-6081 | 1 Simplecustomer | 1 Simple Customer | 2024-11-21 | N/A |
SQL injection vulnerability in contact.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
CVE-2008-6080 | 2 Codecall, Joomla | 2 Com Ionfiles, Joomla | 2024-11-21 | N/A |
Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
CVE-2008-6079 | 1 Enlightenment | 1 Imlib2 | 2024-11-21 | N/A |
imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows." | ||||
CVE-2008-6078 | 1 Limbo Cms | 2 Com Privmsg, Limbo Cms | 2024-11-21 | N/A |
SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a pms action to index.php. |