Search Results (365153 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4507 1 Ibm 1 Lotus Quickr 2026-04-23 N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors.
CVE-2008-4508 1 Tonec Inc. 1 Internet Download Manager 2026-04-23 N/A
Stack-based buffer overflow in the file parsing function in Tonec Internet Download Manager, possibly 5.14 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AppleDouble file containing a long string. NOTE: this is probably a different vulnerability than CVE-2005-2210.
CVE-2008-4509 1 Foss Gallery 1 Foss Gallery 2026-04-23 N/A
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the root directory.
CVE-2008-4510 1 Microsoft 1 Windows Vista 2026-04-23 N/A
Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier allows local users to cause a denial of service (page fault and system crash) via multiple attempts to access a virtual address in a PAGE_NOACCESS memory page.
CVE-2008-4511 1 Todd Woolums 1 Asp News Management 2026-04-23 N/A
Todd Woolums ASP News Management, possibly 2.21, stores db/news.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.
CVE-2008-4512 1 Designplace 1 Asp\/ms Access Shoutbox 2026-04-23 N/A
ASP/MS Access Shoutbox, probably 1.1 beta, stores db/shoutdb.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.
CVE-2008-4513 1 Phorum 1 Phorum 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in BBcode API module in Phorum 5.2.8 allows remote attackers to inject arbitrary web script or HTML via nested BBcode image tags.
CVE-2008-4514 1 Konqueror 1 Konqueror 2026-04-23 N/A
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.
CVE-2008-4515 1 Blue Coat Systems 1 K9 Web Protection 2026-04-23 N/A
Blue Coat K9 Web Protection 4.0.230 Beta relies on client-side JavaScript as a protection mechanism, which allows remote attackers to bypass authentication and access the (1) summary, (2) detail, (3) overrides, and (4) pwemail pages by disabling JavaScript.
CVE-2008-4516 1 Galerie 1 Galerie 2026-04-23 N/A
SQL injection vulnerability in galerie.php in Galerie 3.2 allows remote attackers to execute arbitrary SQL commands via the pic parameter.
CVE-2008-4517 1 Geccbblite 1 Geccbblite 2026-04-23 N/A
SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4518 1 Fastpublish 1 Fastpublish Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php.
CVE-2008-4519 1 Fastpublish 1 Fastpublish Cms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 d allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the target parameter to (1) index2.php and (2) index.php.
CVE-2008-4520 1 Autonessus 1 Autonessus 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNessus before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the remark parameter.
CVE-2008-4521 1 Php-fusion 1 World Of Warcraft Tracker Infusion Module 2026-04-23 N/A
SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the INFO_RAID_ID parameter.
CVE-2008-4522 1 Jesse-web 1 Jmweb Mp3 Music Audio Search And Download Script 2026-04-23 N/A
Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.
CVE-2008-4523 1 Ip Reg 1 Ip Reg 2026-04-23 N/A
SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
CVE-2008-4524 1 Adaptcms 1 Adaptcms 2026-04-23 N/A
SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
CVE-2008-4525 1 Ampjuke 1 Ampjuke 2026-04-23 N/A
SQL injection vulnerability in index.php in AmpJuke 0.7.5 allows remote attackers to execute arbitrary SQL commands via the special parameter in a performerid action.
CVE-2008-4526 1 Customcms 1 Ccms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php and (6) pages/poll.php.