Export limit exceeded: 361570 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361570 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4736 | 1 Aves | 1 Rpg Board | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter. | ||||
| CVE-2008-4729 | 1 Hummingbird | 2 Exceed, Exceed Powersuite | 2026-04-23 | N/A |
| Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be possible in 13.0. | ||||
| CVE-2008-4730 | 1 Phpmyid | 1 Phpmyid | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MyID.php in phpMyID 0.9 allows remote attackers to inject arbitrary web script or HTML via the openid_trust_root parameter and an inconsistent openid_return_to parameter, which is not properly handled in an error message. | ||||
| CVE-2008-4731 | 1 Michael Christen | 1 Yacy | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown impact and attack vectors. | ||||
| CVE-2008-4733 | 2 Pressography, Wordpress | 2 Wp Comment Remix Plugin, Wordpress | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) replytotext, (2) quotetext, (3) originallypostedby, (4) sep, (5) maxtags, (6) tagsep, (7) tagheadersep, (8) taglabel, and (9) tagheaderlabel parameters. | ||||
| CVE-2008-4734 | 2 Pressography, Wordpress | 2 Wp Comment Remix Plugin, Wordpress | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options_page function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcr_hidden_form_input parameter. | ||||
| CVE-2008-4735 | 1 Coastal | 1 Coast | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter. | ||||
| CVE-2008-4738 | 1 Tufat | 1 Mycard | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4739 | 1 Plugspace | 1 Plugspace | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in PlugSpace 0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the navi parameter. | ||||
| CVE-2008-4740 | 1 Tinycms | 1 Tinycms | 2026-04-23 | N/A |
| Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[template] parameter. | ||||
| CVE-2008-4741 | 1 Far-php | 1 Far-php | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. | ||||
| CVE-2008-4742 | 1 Timetrex | 1 Timetrex | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in interface/Login.php in TimeTrex 2.2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) password and (2) user_name parameters. | ||||
| CVE-2008-4743 | 1 Quidascript | 1 Faq Management Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-4744 | 1 Dxproscripts | 1 Dxshopcart | 2026-04-23 | N/A |
| SQL injection vulnerability in product_detail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter. | ||||
| CVE-2008-4756 | 1 Php-daily | 1 Php-daily | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in add_prest_date.php in PHP-Daily allows remote attackers to inject arbitrary web script or HTML via the date parameter. | ||||
| CVE-2008-4757 | 1 Php-daily | 1 Php-daily | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP-Daily allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) add_postit.php (b) delete.php, and (c) mod_prest_date.php; and the (2) prev parameter to (d) prest_detail.php. | ||||
| CVE-2008-4758 | 1 Php-daily | 1 Php-daily | 2026-04-23 | N/A |
| Directory traversal vulnerability in download_file.php in PHP-Daily allows remote attackers to read arbitrary local files via a .. (dot dot) in the fichier parameter. | ||||
| CVE-2008-4759 | 1 Buzzscripts | 1 Buzzywall | 2026-04-23 | N/A |
| Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 allows remote attackers to read arbitrary local files via a .. (dot dot) in the id parameter. | ||||
| CVE-2008-4760 | 1 Graphiks | 1 Myforum | 2026-04-23 | N/A |
| SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4762 | 1 Freesshd | 1 Freesshd | 2026-04-23 | N/A |
| Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters. | ||||