Export limit exceeded: 364988 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364988 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2453 1 Phpclassifiedsscript 1 Php Classifieds Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute arbitrary SQL commands via the fatherID parameter to (1) browse.php and (2) search.php.
CVE-2008-2455 1 E107coders 1 E107 Blog Engine 2026-04-23 N/A
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter.
CVE-2008-2456 1 Comicshout 1 Comicshout 2026-04-23 N/A
SQL injection vulnerability in index.php in ComicShout 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the comic_id parameter.
CVE-2008-2490 1 Typo3 1 Kj Imagelightbox2 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (aka kj_imagelightbox2) extension 1.4.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified "user input."
CVE-2008-2487 1 Maxsite 1 Maxsite 2026-04-23 N/A
SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action.
CVE-2008-2488 1 Beaussier 1 Roomphplanning 2026-04-23 N/A
admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts.
CVE-2008-2489 1 Typo3 1 Sg Zfelib 2026-04-23 N/A
SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input."
CVE-2008-2494 1 Pancake 1 Zina 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via the l parameter.
CVE-2008-2495 1 Pancake 1 Zina 2026-04-23 N/A
Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to have an unknown impact via a .. (dot dot) in the p parameter.
CVE-2008-2496 1 Quate 1 Quate Cms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php.
CVE-2008-2513 1 Ibm 1 Aix 2026-04-23 N/A
Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary code in kernel mode via unknown attack vectors.
CVE-2008-2514 1 Ibm 1 Aix 2026-04-23 N/A
Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown attack vectors.
CVE-2008-2515 1 Ibm 1 Aix 2026-04-23 N/A
Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown vectors related to an "environment variable handling error."
CVE-2008-2516 1 Libpam-pgsql 1 Libpam-pgsql 2026-04-23 N/A
pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not properly consider operator precedence when evaluating the success of a pam_get_pass function call, which allows local users to gain privileges via a SIGINT signal when this function is executing, as demonstrated by a CTRL-C sequence at a sudo password prompt in an "auth sufficient pam_pgsql.so" configuration.
CVE-2008-2517 1 Sarab 1 Sarab 2026-04-23 N/A
The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process.
CVE-2008-2537 1 Hispah 1 Model Search 2026-04-23 N/A
SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-2538 1 Sun 1 Solaris 2026-04-23 N/A
Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors.
CVE-2008-2539 1 Sun 1 Cluster 2026-04-23 N/A
The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlying ufs filesystem is used, might allow local users to read data from arbitrary deleted files, or corrupt files in global filesystems, via unspecified vectors.
CVE-2006-5386 1 Nuralstorm 1 Nuralstorm Webmail 2026-04-23 N/A
PHP remote file inclusion vulnerability in process.php in NuralStorm Webmail 0.98b and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DEFAULT_SKIN parameter.
CVE-2007-3659 1 Freewrl 1 Freewrl 2026-04-23 N/A
Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 allows local users to execute arbitrary code via a crafted BROWSER environment variable. NOTE: it is not clear whether this issue crosses privilege boundaries.