Export limit exceeded: 364861 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364861 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3224 | 1 Phpbb | 1 Phpbb | 2026-04-23 | N/A |
| Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()." | ||||
| CVE-2008-3223 | 2 Drupal, Fedoraproject | 2 Drupal, Fedora | 2026-04-23 | N/A |
| SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields." | ||||
| CVE-2008-3225 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix." | ||||
| CVE-2008-3226 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors. | ||||
| CVE-2008-3227 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. | ||||
| CVE-2008-3228 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors. | ||||
| CVE-2008-3229 | 1 Swapoff | 1 Op | 2026-04-23 | N/A |
| Stack-based buffer overflow in op before Changeset 563, when xauth support is enabled, allows local users to gain privileges via a long XAUTHORITY environment variable. | ||||
| CVE-2008-3677 | 1 Openfreeway | 1 Freeway | 2026-04-23 | N/A |
| Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors. | ||||
| CVE-2008-3231 | 1 Xine | 1 Xine-lib | 2026-04-23 | N/A |
| xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via a crafted OGG file, as demonstrated by playing lol-ffplay.ogg with xine. | ||||
| CVE-2008-3233 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3234 | 2 Debian, Openbsd | 2 Debian Linux, Openssh | 2026-04-23 | N/A |
| sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username. | ||||
| CVE-2008-3235 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors. | ||||
| CVE-2008-3236 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 allows attackers to obtain sensitive information via vectors related to "previously encrypted properties" that are not encrypted. | ||||
| CVE-2008-3237 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter. | ||||
| CVE-2008-3238 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php. | ||||
| CVE-2008-3240 | 1 Alstrasoft | 1 Affiliate Network Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action. | ||||
| CVE-2008-3241 | 1 Ultrastats | 1 Ultrastats | 2026-04-23 | N/A |
| SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3242 | 1 Ppmate | 1 Ppmedia Class | 2026-04-23 | N/A |
| Heap-based buffer overflow in the PPMedia Class ActiveX control in PPMPlayer.dll in PPMate 2.3.1.93 allows remote attackers to execute arbitrary code via a long argument to the StartUrl method. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3243 | 1 F-prot | 2 F-prot Antivirus, Scanning Engine | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash. | ||||
| CVE-2008-3244 | 1 F-prot | 2 F-prot Antivirus, Scanning Engine | 2026-04-23 | N/A |
| The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read. | ||||