Search Results (366811 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1755 1 Zekewalker 1 World Of Phaos 2026-04-23 N/A
Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.
CVE-2008-1756 1 Sun 1 N1 Grid Engine 2026-04-23 N/A
Unspecified vulnerability in the Qmaster daemon in Sun N1 Grid Engine 6.1 allows local users to cause a denial of service (daemon crash) via unspecified vectors.
CVE-2008-1757 1 Kwsphp 1 Kwsphp 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in the ConcoursPhoto module for KwsPHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the VIEW parameter.
CVE-2008-1758 1 Kwsphp 1 Kwsphp 2026-04-23 N/A
SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php.
CVE-2008-1759 2 Jeuxflash, Kwsphp 2 Jeuxflash Module, Kwsphp 2026-04-23 N/A
SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922.
CVE-2008-1760 1 Blogator-script 1 Blogator-script 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include.
CVE-2008-1761 1 Opera 1 Opera 2026-04-23 N/A
Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.
CVE-2008-1762 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted scaled image pattern in an HTML CANVAS element, which triggers memory corruption.
CVE-2008-1763 1 Blogator Script 1 Blogator Script 2026-04-23 N/A
SQL injection vulnerability in _blogadata/include/sond_result.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the id_art parameter.
CVE-2008-1765 1 Adobe 1 Photoshop 2026-04-23 N/A
Buffer overflow in Adobe Photoshop Album Starter Edition 3.2, and possibly After Effects CS3, allows user-assisted remote attackers and physically proximate attackers to execute arbitrary code via a BMP file with an invalid image header. NOTE: the related issue in Photoshop CS3 is already covered by CVE-2007-2244.
CVE-2008-1766 1 Phpbb 1 Phpbb 2026-04-23 N/A
Multiple unspecified vulnerabilities in phpBB before 3.0.1 have unknown impact and attack vectors, related to "two minor security-related bugs."
CVE-2008-1767 1 Redhat 5 Desktop, Enterprise Linux, Enterprise Linux Desktop and 2 more 2026-04-23 N/A
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
CVE-2008-1768 1 Videolan 1 Vlc 2026-04-23 N/A
Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow.
CVE-2008-1769 1 Videolan 1 Vlc 2026-04-23 N/A
VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.
CVE-2008-1770 1 Akamai 1 Download Manager 2026-04-23 N/A
CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote attackers to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line.
CVE-2008-1771 1 Fireflymediaserver 1 Fireflymediaserver 2026-04-23 N/A
Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a large Content-Length.
CVE-2008-1772 1 Iscripts 1 Socialware 2026-04-23 N/A
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-1775 1 Manageengine 1 Firewall Analyzer 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the displayName parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1776 1 Phpblock 1 Phpblock 2026-04-23 N/A
PHP remote file inclusion vulnerability in modules/basicfog/basicfogfactory.class.php in PhpBlock A8.4 allows remote attackers to execute arbitrary PHP code via a URL in the PATH_TO_CODE parameter.
CVE-2008-1777 1 Novell 1 Edirectory 2026-04-23 N/A
The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028.