Search Results (364500 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2048 1 Aspindir 1 Angelo-emlak 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter.
CVE-2008-2049 1 E-post Corporation 1 Mail Server 2026-04-23 N/A
The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message.
CVE-2008-2050 1 Php 1 Php 2026-04-23 N/A
Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.
CVE-2008-2091 1 Kubelabs 1 Kubelance 2026-04-23 N/A
Directory traversal vulnerability in ipn.php in KubeLabs Kubelance 1.6.4 allows remote attackers to include and execute arbitrary local files via the i parameter.
CVE-2008-2051 2 Php, Redhat 3 Php, Enterprise Linux, Rhel Application Stack 2026-04-23 N/A
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
CVE-2008-2052 1 Bitrix24 1 Bitrix Site Manager 2026-04-23 6.1 Medium
Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter.
CVE-2008-2053 1 Cisco 1 Unified Customer Voice Portal 2026-04-23 N/A
Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x before 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account.
CVE-2008-2054 1 Cisco 1 Ciscoworks Common Services 2026-04-23 N/A
Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors.
CVE-2008-2055 1 Cisco 2 Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface.
CVE-2008-2056 1 Cisco 3 Adaptive Security Appliance, Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.
CVE-2008-2057 1 Cisco 2 Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.
CVE-2008-2058 1 Cisco 2 Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.
CVE-2008-2059 1 Cisco 2 Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors.
CVE-2008-2060 1 Cisco 1 Intrusion Prevention System 2026-04-23 N/A
Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5.x before 5.1(8)E2 and 6.x before 6.0(5)E2, when inline mode and jumbo Ethernet support are enabled, allows remote attackers to cause a denial of service (panic), and possibly bypass intended restrictions on network traffic, via a "specific series of jumbo Ethernet frames."
CVE-2008-2061 1 Cisco 1 Unified Communications Manager 2026-04-23 N/A
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.
CVE-2008-2062 1 Cisco 1 Unified Communications Manager 2026-04-23 N/A
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151.
CVE-2008-2063 1 Joovili 1 Joovili 2026-04-23 N/A
SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2008-2064 1 Phpgedview 1 Phpgedview 2026-04-23 N/A
Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems."
CVE-2008-2065 1 Yourfreeworld 1 Jokes Site Script 2026-04-23 N/A
SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter.
CVE-2008-2066 1 Minibb 1 Minibb 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to inject arbitrary web script or HTML via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions before 3.0.1 are also vulnerable.