Search Results (364909 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0145 1 Php 1 Php 2026-04-23 N/A
Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663.
CVE-2008-0146 1 Hughes Technologies 1 W3-msql 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the top-level URI.
CVE-2008-0147 1 Smallnuke 1 Smallnuke 2026-04-23 N/A
SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members action.
CVE-2008-0148 1 Tutos 1 Tutos 2026-04-23 N/A
TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request.
CVE-2008-0149 1 Tutos 1 Tutos 2026-04-23 N/A
TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function.
CVE-2008-0150 1 Aruba Networks 1 Aruba Mobility Controllers 2026-04-23 N/A
Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access.
CVE-2008-0151 1 Foxitsoftware 1 Wac Server 2026-04-23 N/A
Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Telnet request with long options.
CVE-2008-0152 1 Seattle Lab Software 1 Slnet Rf Telnet Server 2026-04-23 N/A
SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service (crash) via unspecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode.
CVE-2008-0153 1 Pragma Systems 1 Pragma Telnetserver 2026-04-23 N/A
telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT PRAGMA LOGON telnet option, which triggers a NULL pointer dereference.
CVE-2008-0154 1 Evilboard 1 Evilboard 2026-04-23 N/A
SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter.
CVE-2008-0156 1 Million Dollar Script 1 Million Dollar Script 2026-04-23 N/A
Absolute path traversal vulnerability in index.php in Million Dollar Script 2.0.14 allows remote attackers to read arbitrary files via encoded "/" (%2F) sequences in the link parameter.
CVE-2008-0157 1 Flexbb 1 Flexbb 2026-04-23 N/A
SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie.
CVE-2008-0158 1 Shop-script 1 Shop-script 2026-04-23 N/A
Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter.
CVE-2008-0159 1 Eggblog 1 Eggblog 2026-04-23 N/A
SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie.
CVE-2008-0162 2 Debian, Sam Lantinga 2 Debian Linux, Splitvt 2026-04-23 N/A
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
CVE-2008-0163 1 Linux 1 Linux Kernel 2026-04-23 N/A
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
CVE-2008-0164 1 Plone 1 Plone Cms 2026-04-23 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to (1) add arbitrary accounts via the join_form page and (2) change the privileges of arbitrary groups via the prefs_groups_overview page.
CVE-2008-0165 1 Ikiwiki 1 Ikiwiki 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 allows remote attackers to modify user preferences, including passwords, via the (1) preferences and (2) edit forms.
CVE-2008-0166 3 Canonical, Debian, Openssl 3 Ubuntu Linux, Debian Linux, Openssl 2026-04-23 7.5 High
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
CVE-2008-0167 2 Debian, Gforge 2 Debian Linux, Gforge 2026-04-23 N/A
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.