Search Results (363851 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4087 1 Acoustica 1 Beatcraft 2026-04-23 N/A
Stack-based buffer overflow in Acoustica Beatcraft 1.02 Build 19 allows user-assisted attackers to cause a denial of service or execute arbitrary code via a Beatcraft Project (aka bcproj) file with a long string in a certain instruments title field.
CVE-2008-7119 1 Webidsupport 1 Webid 2026-04-23 N/A
SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-6139 1 Sisfo Kampus 1 Sisfo Kampus 2026-04-23 N/A
Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the fn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-4089 1 Myphpnuke 1 Myphpnuke 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
CVE-2008-4154 1 Living-e 1 Webedition Cms 2026-04-23 N/A
SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter.
CVE-2008-4158 1 Zanfi Solutions 1 Zanfi Cms Lite 2026-04-23 N/A
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) flag and (2) inc parameters.
CVE-2008-4354 1 Net Art Media 1 Iboutique 2026-04-23 N/A
SQL injection vulnerability in the products module in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php.
CVE-2006-6150 1 Owllib 1 Owllib 2026-04-23 N/A
PHP remote file inclusion vulnerability in memory/OWLMemoryProperty.php in OWLLib 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the OWLLIB_ROOT parameter.
CVE-2008-4371 1 Availscript 1 Availscript Article Script 2026-04-23 N/A
SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter.
CVE-2007-5087 1 Linux 1 Linux Kernel 2026-04-23 N/A
The ATM module in the Linux kernel before 2.4.35.3, when CLIP support is enabled, allows local users to cause a denial of service (kernel panic) by reading /proc/net/atm/arp before the CLIP module has been loaded.
CVE-2008-4374 1 Cmsbuzz 1 Cms Buzz 2026-04-23 N/A
SQL injection vulnerability in index.php in CMS Buzz allows remote attackers to execute arbitrary SQL commands via the id parameter in a playgame action.
CVE-2008-4423 1 Ovidentia 1 Ovidentia 2026-04-23 N/A
SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the item parameter in a contact modify action.
CVE-2008-4425 1 Phlatline 1 Personal Information Manager 2026-04-23 N/A
Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to delete arbitrary files via directory traversal sequences in the file parameter within a delfile action.
CVE-2006-6164 1 Openbsd 1 Openbsd 2026-04-23 N/A
The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges.
CVE-2008-4461 1 Vastal I-tech 1 Dating Zone 2026-04-23 N/A
SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter.
CVE-2008-4469 1 Vastal I-tech 1 Freelance Zone 2026-04-23 N/A
SQL injection vulnerability in view_cresume.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the coder_id parameter.
CVE-2008-4470 1 Numark 1 Cue 2026-04-23 N/A
Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assisted attackers to cause a denial of service (application crash) or execute arbitrary code via an M3U playlist file that contains a long absolute pathname.
CVE-2006-6170 1 Proftpd Project 1 Proftpd 2026-04-23 N/A
Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815.
CVE-2006-6172 2 Mplayer, Xine 2 Mplayer, Real Media Input Plugin 2026-04-23 N/A
Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.
CVE-2008-4700 1 Liberiacms 1 Liberia Cms 2026-04-23 N/A
SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_pass cookie parameter.