Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0586 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh. | |||||
| CVE-2008-0587 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-0588 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-0598 | 1 Linux | 1 Linux Kernel | 2017-09-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary. | |||||
| CVE-2008-0601 | 1 All Club Cms | 1 All Club Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-0602 | 1 All Club Cms | 1 All Club Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter. | |||||
| CVE-2008-0603 | 3 Amazoop, Joomla, Mambo | 3 Awesom, Com Awesom, Com Awesom | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. | |||||
| CVE-2008-0606 | 3 Joomla, Mambo, Phil Taylor | 3 Com Shambo2, Com Shambo2, Shambo2 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter. | |||||
| CVE-2008-0607 | 3 Joomla, Mambo, Sigsiu.net | 3 Com Sobi2, Com Sobi2, Sobi2 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0611 | 2 Rmsoft, Xoops | 2 Gallery System, Xoops | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0614 | 1 Photokorn | 1 Gallery | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Photokorn Gallery 1.543 allows remote attackers to execute arbitrary SQL commands via the pic parameter in a showpic action. | |||||
| CVE-2008-0623 | 1 Yahoo | 1 Music Jukebox | 2017-09-29 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! Music Jukebox 2.2.2.056 allows remote attackers to execute arbitrary code via a long argument to the AddImage method. | |||||
| CVE-2008-0624 | 1 Yahoo | 1 Music Jukebox | 2017-09-29 | 4.3 MEDIUM | N/A |
| Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! JukeBox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddButton method, a different vulnerability than CVE-2008-0623. | |||||
| CVE-2008-0625 | 1 Yahoo | 1 Music Jukebox | 2017-09-29 | 4.3 MEDIUM | N/A |
| Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in Yahoo! Music Jukebox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddBitmap method. | |||||
| CVE-2008-0631 | 1 Afterlogic | 1 Mailbee Objects | 2017-09-29 | 4.3 MEDIUM | N/A |
| Multiple ActiveX controls in MailBee.dll in MailBee Objects 5.5 allow remote attackers to (1) overwrite arbitrary files via the SaveToDisk method, or (2) modify files via the AddStringToFile method. | |||||
| CVE-2008-0634 | 1 Sejoong Namo | 2 Activesquare, Namoinstall.1 Activex Control | 2017-09-29 | 7.5 HIGH | N/A |
| Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551. | |||||
| CVE-2008-0647 | 1 Ourgame.com | 2 Glworld, Hangameplugincn18 Activex Control | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0648 | 1 Opensiteadmin | 1 Opensiteadmin | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in OpenSiteAdmin 0.9.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) indexFooter.php; and (2) DatabaseManager.php, (3) FieldManager.php, (4) Filter.php, (5) Form.php, (6) FormManager.php, (7) LoginManager.php, and (8) Filters/SingleFilter.php in scripts/classes/. | |||||
| CVE-2008-0649 | 1 Adp | 1 Astanda Directory Project | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | |||||
| CVE-2008-0652 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | |||||
| CVE-2008-0653 | 1 Joomla | 1 Com Ynews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action. | |||||
| CVE-2008-0657 | 1 Sun | 2 Jdk, Jre | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs. | |||||
| CVE-2008-0659 | 2 Aurigma, Myspace | 2 Image Uploader Activex Control, Myspaceuploader | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property. | |||||
| CVE-2008-0660 | 2 Aurigma, Facebook | 3 Image Uploader Activex Control, Facebook, Photouploader | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties. | |||||
| CVE-2008-0670 | 1 Joomla | 1 Com Noticias | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action. | |||||
| CVE-2008-0676 | 1 A-blog | 1 A-blog | 2017-09-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote attackers to inject arbitrary web script or HTML via the words parameter. | |||||
| CVE-2008-0677 | 1 A-blog | 1 A-blog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action. | |||||
| CVE-2008-0678 | 1 Blogphp | 1 Blogphp | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action. | |||||
| CVE-2008-0679 | 1 Blogphp | 1 Blogphp | 2017-09-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2008-0682 | 1 Wordpress | 1 Wordspew | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0683 | 1 Wordpress | 1 St Newsletter Plugin | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter. | |||||
| CVE-2008-0686 | 2 Joomla, Mambo | 2 Com Neoreferences, Com Neoreferences | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-0689 | 1 Joomla | 1 Com Marketplace | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action. | |||||
| CVE-2008-0690 | 1 Joomla | 1 Com Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action. | |||||
| CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2008-0695 | 1 Bookmarkx | 1 Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action. | |||||
| CVE-2008-0713 | 1 Hp | 1 Hp-ux | 2017-09-29 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors. | |||||
| CVE-2008-0714 | 1 Mihalism | 1 Multi Host | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action. | |||||
| CVE-2008-0718 | 1 Sun | 1 Solaris | 2017-09-29 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors. | |||||
| CVE-2008-0719 | 1 Oscommerce | 2 Customer Testimonials, Oscommerce | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addon for osCommerce Online Merchant 2.2 allows remote attackers to execute arbitrary SQL commands via the testimonial_id parameter. | |||||
| CVE-2008-0721 | 1 Mambo | 1 Com Sermon | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter. | |||||
| CVE-2008-0722 | 1 Pagetool | 1 Pagetool | 2017-09-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Pagetool 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter in a pagetool_search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0734 | 1 Limbo Cms | 1 Limbo Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the cuid cookie parameter to admin.php. | |||||
| CVE-2008-0735 | 1 Auracms | 1 Auracms | 2017-09-29 | 10.0 HIGH | N/A |
| SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter. | |||||
| CVE-2008-0745 | 1 Domphp | 1 Domphp | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in aides/index.php in DomPHP 0.82 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-0746 | 2 Joomla, Mambo | 2 Com Gallery, Com Gallery | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-0752 | 2 Joomla, Mambo | 2 Com Neogallery, Com Neogallery | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action. | |||||
| CVE-2008-0761 | 1 Joomla | 1 Com Pcchess | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Prince Clan Chess Club (com_pcchess) 0.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a players action. | |||||
| CVE-2008-0770 | 1 Ibproarcade | 1 Ibproarcade | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the g_display_order cookie parameter. | |||||
| CVE-2008-0772 | 2 Joomla, Mambo | 2 Com Doc, Com Doc | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task. | |||||