Export limit exceeded: 365170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365170 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2786 1 Mozilla 1 Firefox 2026-04-23 N/A
Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack of details as of 20080619, it is not clear whether this is the same issue as CVE-2008-2785. A CVE identifier has been assigned for tracking purposes.
CVE-2008-2787 1 Opendocman 1 Opendocman 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in out.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the last_message parameter.
CVE-2008-2788 1 Opendocman 1 Opendocman 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter.
CVE-2008-2790 1 Mountaingrafix 1 Easytrade 2026-04-23 N/A
SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2811 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-23 N/A
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
CVE-2008-2835 1 Igsuite 1 Igsuite 2026-04-23 N/A
SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter.
CVE-2008-2821 2 Glub, Microsoft 2 Secure Ftp, Windows Nt 2026-04-23 N/A
Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.
CVE-2008-2822 1 3dftp 1 3d-ftp Client 2026-04-23 N/A
Multiple directory traversal vulnerabilities in the FTP client in 3D-FTP Client 8.01 (8.0 build 1) allow remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a (1) LIST or (2) MLSD command.
CVE-2008-2823 1 Phpeasynews 1 Phpeasyblog 2026-04-23 N/A
SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter.
CVE-2008-2846 1 Boatscripts 1 Boatscripts Classifieds 2026-04-23 N/A
SQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter.
CVE-2008-2847 1 Softdivision 1 Maxtrade Aoi 2026-04-23 N/A
SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php.
CVE-2008-2848 1 Mindtouch 1 Dekiwiki 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the search functionality in MindTouch DekiWiki before 8.05.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2849 1 Drupal 1 Trailscout Module 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2850 1 Drupal 1 Trailscout Module 2026-04-23 N/A
SQL injection vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified cookies, related to improper use of the Drupal database API.
CVE-2008-2851 1 Offsystem 1 Offsystem 2026-04-23 N/A
Multiple buffer overflows in OFF System before 0.19.14 allow remote attackers to have an unknown impact via unspecified vectors related to "parsing of http headers."
CVE-2008-2852 1 Nathan Neulinger 1 Cgiwrap 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages.
CVE-2008-2854 1 Orlando Cms 1 Orlando Cms 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.
CVE-2008-2856 1 Ownrs 1 Ownrs 2026-04-23 N/A
SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2857 1 Alstrasoft 1 Askme 2026-04-23 N/A
AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-2859 1 Netwin 1 Surgemail 2026-04-23 N/A
Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an "imap command."