Export limit exceeded: 346158 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346158 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0544 | 1 Pycrypto | 1 Arc2 | 2026-04-23 | N/A |
| Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length. | ||||
| CVE-2008-6129 | 1 Mozilo | 1 Mozilowiki | 2026-04-23 | N/A |
| Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2009-0545 | 1 Zeroshell | 1 Zeroshell | 2026-04-23 | N/A |
| cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the type parameter in a NoAuthREQ x509List action. | ||||
| CVE-2008-6130 | 1 Mozilo | 1 Mozilowiki | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters. | ||||
| CVE-2008-6133 | 1 Ozsari | 1 Full Php Emlak Script | 2026-04-23 | N/A |
| SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. | ||||
| CVE-2009-0546 | 1 Newsgator | 1 Feeddemon | 2026-04-23 | N/A |
| Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attackers to execute arbitrary code via a long text attribute in an outline element in a .opml file. | ||||
| CVE-2008-6136 | 1 Drupal | 1 Everyblog | 2026-04-23 | N/A |
| Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to gain privileges as another user or an administrator via unknown attack vectors. | ||||
| CVE-2008-6139 | 1 Webbiscuits | 1 Modules Controller | 2026-04-23 | N/A |
| Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter. | ||||
| CVE-2008-6143 | 1 Owentechkenya | 1 Owenpoll | 2026-04-23 | N/A |
| OwenPoll 1.0 allows remote attackers to bypass authentication and obtain administrative access via a modified account name in the username cookie. | ||||
| CVE-2008-6144 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-3029. | ||||
| CVE-2009-0832 | 2 Ausimods, Php-fusion | 2 E-cart, Php-fusion | 2026-04-23 | N/A |
| SQL injection vulnerability in items.php in the E-Cart module 1.3 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the CA parameter. | ||||
| CVE-2008-6145 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-0547 | 2 Evolution, Redhat | 2 Evolution, Enterprise Linux | 2026-04-23 | N/A |
| Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077. | ||||
| CVE-2008-6149 | 2 Joomla, Joomlaapps | 2 Joomla, Com Mdigg | 2026-04-23 | N/A |
| SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php. | ||||
| CVE-2008-6150 | 1 Sepcity | 1 Classified Ads | 2026-04-23 | N/A |
| SQL injection vulnerability in classdis.asp in SepCity Classified Ads allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-6157 | 1 Sepcity | 1 Classified Ads | 2026-04-23 | 7.5 High |
| SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which allows context-dependent attackers to obtain sensitive information. | ||||
| CVE-2009-0548 | 1 Eset | 1 Remote Administrator | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Additional Report Settings interface in ESET Remote Administrator before 3.0.105 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6158 | 1 W3bcms | 1 W3b\>cms | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0 have unknown impact and remote attack vectors. | ||||
| CVE-2008-6162 | 1 Bux | 1 Bux.to Clone Script | 2026-04-23 | N/A |
| Bux.to Clone script allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1 and the usNick cookie to admin. | ||||
| CVE-2008-6163 | 1 Openx | 1 Openx | 2026-04-23 | N/A |
| SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | ||||