Search Results (365162 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4457 1 Memht 1 Memht Portal 2026-04-23 N/A
SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal 3.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a stats_res cookie to index.php.
CVE-2008-4458 1 E-php Scripts 1 B2b Trading Marketplace Script 2026-04-23 N/A
SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action.
CVE-2008-4459 1 Extrovert Software 1 Thyme 2026-04-23 N/A
SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4461 1 Vastal I-tech 1 Dating Zone 2026-04-23 N/A
SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter.
CVE-2008-4462 1 Vastal I-tech 1 Visa Zone 2026-04-23 N/A
SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2008-4463 1 Vastal I-tech 1 Jobs Zone 2026-04-23 N/A
SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2008-4464 1 Vastal I-tech 1 Mag Zone 2026-04-23 N/A
SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-4465 1 Vastal I-tech 1 Dvd Zone 2026-04-23 N/A
SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-4466 1 Vastal I-tech 1 Cosmetics Zone 2026-04-23 N/A
SQL injection vulnerability in view_products_cat.php in Vastal I-Tech Cosmetics Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-4467 1 Vastal I-tech 1 Toner Cart 2026-04-23 N/A
SQL injection vulnerability in show_series_ink.php in Vastal I-Tech Toner Cart allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4468 1 Vastal I-tech 1 Share Zone 2026-04-23 N/A
SQL injection vulnerability in view_news.php in Vastal I-Tech Share Zone allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4469 1 Vastal I-tech 1 Freelance Zone 2026-04-23 N/A
SQL injection vulnerability in view_cresume.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the coder_id parameter.
CVE-2008-4470 1 Numark 1 Cue 2026-04-23 N/A
Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assisted attackers to cause a denial of service (application crash) or execute arbitrary code via an M3U playlist file that contains a long absolute pathname.
CVE-2008-4471 1 Autodesk 3 Design Review, Dwf Viewer, Revit Architecture 2026-04-23 N/A
Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method.
CVE-2008-4472 1 Autodesk 3 Design Review, Dwf Viewer, Revit Architecture 2026-04-23 N/A
The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method.
CVE-2008-4473 2 Adobe, Microsoft 2 Flash Player, Windows 2026-04-23 N/A
Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters.
CVE-2008-4474 1 Freeradius 1 Freeradius 2026-04-23 N/A
freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct.
CVE-2008-4475 1 Gnu 1 Ibackup 2026-04-23 N/A
ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2008-4476 1 Sympa 1 Sympa 2026-04-23 N/A
sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability.
CVE-2008-4477 1 Jim Trocki 1 Mon 2026-04-23 N/A
alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink attack on the test.alert.log temporary file.