Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-7124 | 1 Zkup | 1 Zkup | 2017-09-29 | 7.5 HIGH | N/A |
| zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator. | |||||
| CVE-2008-7136 | 1 Icq | 1 Icq Toolbar | 2017-09-29 | 4.3 MEDIUM | N/A |
| toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the (1) RequestURL, (2) GetPropertyById, or (3) SetPropertyById method, different vectors than CVE-2008-7135. | |||||
| CVE-2008-7153 | 1 Docebo | 1 Docebo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command. | |||||
| CVE-2008-7154 | 1 Docebo | 1 Docebo | 2017-09-29 | 5.0 MEDIUM | N/A |
| Docebo 3.5.0.3 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class.conf_cms.php, (6) lib/lib.compose.php, (7) modules/chat/teleskill.php, or (8) class/class.admin_menu_cms.php in doceboCms/; which reveals the installation path in an error message. | |||||
| CVE-2008-7156 | 1 Ekinboard | 1 Ekinboard | 2017-09-29 | 6.8 MEDIUM | N/A |
| EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php. | |||||
| CVE-2008-7157 | 1 Ekinboard | 1 Ekinboard | 2017-09-29 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in uploaded/avatars/. | |||||
| CVE-2008-7163 | 1 Sinecms | 1 Sinecms | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in mods/Integrated/index.php in SineCMS 2.3.5 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the sine[config][index_main] parameter. | |||||
| CVE-2008-7167 | 1 Sami Ekblad | 1 Page Manager | 2017-09-29 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in upload.php in Page Manager 2006-02-04 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | |||||
| CVE-2008-7169 | 2 Jabode, Joomla | 2 Com Jabode, Joomla\! | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php. | |||||
| CVE-2008-7171 | 1 Yanick Bourbeau | 1 Lightweight News Portal | 2017-09-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Lightweight news portal (LNP) 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) photo parameter to show_photo.php, (2) potd parameter to show_potd.php, or (3) the Current question field in a vote action to admin.php. | |||||
| CVE-2008-7172 | 1 Yanick Bourbeau | 1 Lightweight News Portal | 2017-09-29 | 7.5 HIGH | N/A |
| Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote attackers to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifynews actions. | |||||
| CVE-2008-7176 | 1 Celina Jorge | 1 Facil Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php. | |||||
| CVE-2008-7178 | 1 Xoops | 2 Uploader, Xoops | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php. | |||||
| CVE-2008-7179 | 1 Otmanager | 1 Otmanager Cms | 2017-09-29 | 7.5 HIGH | N/A |
| OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in Admin/index.php. | |||||
| CVE-2008-7180 | 1 Rittwick Banerjee | 1 Telephone Directory 2008 | 2017-09-29 | 5.0 MEDIUM | N/A |
| del_query1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable. | |||||
| CVE-2008-7181 | 1 Butterflymedia | 1 Butterfly Organizer | 2017-09-29 | 7.5 HIGH | N/A |
| Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitrary categories via a modified tablehere parameter to category-delete.php with the is_js_confirmed parameter set to 1, or (2) delete arbitrary accounts via the mytable parameter to delete.php. | |||||
| CVE-2008-7182 | 1 Netwin | 1 Surgemail | 2017-09-29 | 4.0 MEDIUM | N/A |
| Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 and CVE-2008-1498. NOTE: due to lack of details, it is not certain whether this is the same issue as CVE-2008-2859. | |||||
| CVE-2008-7188 | 1 Clip-share | 1 Clipshare | 2017-09-29 | 7.5 HIGH | N/A |
| ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php. | |||||
| CVE-2008-7210 | 1 Ming Han | 1 Ajchat | 2017-09-29 | 7.5 HIGH | N/A |
| directory.php in AJchat 0.10 allows remote attackers to bypass input validation and conduct SQL injection attacks via a numeric parameter with a value matching the s parameter's hash value, which prevents the associated $_GET["s"] variable from being unset. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in AJChat. | |||||
| CVE-2008-7224 | 1 Elinks | 1 Elinks | 2017-09-29 | 7.8 HIGH | N/A |
| Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows remote attackers to cause a denial of service (crash) via a crafted link. | |||||
| CVE-2008-7240 | 1 Linuxwebshop | 1 Php User Base | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter. | |||||
| CVE-2009-0007 | 1 Apple | 1 Quicktime | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file containing invalid image width data in JPEG atoms within STSD atoms. | |||||
| CVE-2009-0008 | 2 Apple, Microsoft | 3 Quicktime Mpeg-2 Playback Component, Windows Vista, Windows Xp | 2017-09-29 | 7.6 HIGH | N/A |
| Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted MPEG-2 movie. | |||||
| CVE-2009-0030 | 1 Squirrelmail | 1 Squirrelmail | 2017-09-29 | 6.5 MEDIUM | N/A |
| A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3663. | |||||
| CVE-2009-0031 | 1 Linux | 1 Linux Kernel | 2017-09-29 | 4.9 MEDIUM | N/A |
| Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree." | |||||
| CVE-2009-0036 | 1 Libvirt | 1 Libvirt | 2017-09-29 | 4.4 MEDIUM | N/A |
| Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check. | |||||
| CVE-2009-0065 | 1 Linux | 1 Linux Kernel | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. | |||||
| CVE-2009-0070 | 1 Apple | 1 Safari | 2017-09-29 | 9.3 HIGH | N/A |
| Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issue to CVE-2008-2307. | |||||
| CVE-2009-0071 | 1 Mozilla | 1 Firefox | 2017-09-29 | 2.6 LOW | N/A |
| Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call. NOTE: it was later reported that 3.0.6 and 3.0.7 are also affected. | |||||
| CVE-2009-0103 | 1 Playsms | 1 Playsms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, and the (3) apps_path[libs] parameter to lib/function.php. | |||||
| CVE-2009-0104 | 1 Se-ed | 1 Ezpack | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action. | |||||
| CVE-2009-0105 | 1 Se-ed | 1 Ezpack | 2017-09-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in EZpack 4.2b2 allows remote attackers to inject arbitrary web script or HTML via the mdfd parameter in a prog action. | |||||
| CVE-2009-0108 | 1 Phpauctions | 1 Phpauctions | 2017-09-29 | 7.5 HIGH | N/A |
| PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies. | |||||
| CVE-2009-0109 | 1 Riotpix | 1 Riotpix | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0110 | 1 Riotpix | 1 Riotpix | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | |||||
| CVE-2009-0111 | 1 Goople Cms | 1 Goople Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-0113 | 1 Joomla | 2 Joomla, Xstandard | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header. | |||||
| CVE-2009-0114 | 2 Adobe, Microsoft | 5 Air, Flash Player, Flash Player For Linux and 2 more | 2017-09-29 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant." | |||||
| CVE-2009-0115 | 1 Christophe.varoqui | 1 Multipath-tools | 2017-09-29 | 7.2 HIGH | N/A |
| The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon. | |||||
| CVE-2009-0119 | 1 Microsoft | 1 Windows Xp | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .chm file. | |||||
| CVE-2009-0133 | 1 Microsoft | 1 Html Help Workshop | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564. | |||||
| CVE-2009-0134 | 1 Share2 | 1 Easy Grid Control | 2017-09-29 | 9.3 HIGH | N/A |
| Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in AAA EasyGrid ActiveX 3.51 allows remote attackers to create and overwrite arbitrary files via the (1) DoSaveFile or (2) DoSaveHtmlFile method. NOTE: vector 1 could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0148 | 1 Cscope | 1 Cscope | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541. | |||||
| CVE-2009-0153 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 4.3 MEDIUM | N/A |
| International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. | |||||
| CVE-2009-0167 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-29 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." | |||||
| CVE-2009-0168 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files. | |||||
| CVE-2009-0174 | 1 Vuplayer | 1 Vuplayer | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in VUPlayer 2.49 allows remote attackers to execute arbitrary code via a long .asf URI in the HREF attribute of a REF element in a .asx file. | |||||
| CVE-2009-0175 | 1 Heathcosoft | 1 Mp3 Trackmaker | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an invalid .mp3 file. | |||||
| CVE-2009-0207 | 2 Hp, Oracle | 3 Hp-ux, Vrtsodm, Vrtsvxfs | 2017-09-29 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk Manager (VRTSodm) 3.5, B.11.23 running VRTSodm 4.1 or VERITAS File System (VRTSvxfs) 4.1, B.11.23 running VRTSodm 5.0 or VRTSvxfs 5.0, and B.11.31 running VRTSodm 5.0 allows local users to gain root privileges via unknown vectors. | |||||
| CVE-2009-0248 | 1 Katywhitton | 1 Rankem | 2017-09-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter. | |||||