Export limit exceeded: 366311 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366311 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1623 | 1 Lotus Web Studios Inc | 1 Smoothflash | 2026-04-23 | N/A |
| SQL injection vulnerability in admin_view_image.php in Smoothflash allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-1624 | 1 Whorl Ltd | 1 Jshop Server | 2026-04-23 | N/A |
| Directory traversal vulnerability in v2demo/page.php in Jshop Server 1.x through 2.x allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xPage parameter. | ||||
| CVE-2008-1625 | 1 Avast | 2 Avast Antivirus Home, Avast Antivirus Professional | 2026-04-23 | N/A |
| aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOCTL 0xb2d60030, which allows local users to gain privileges via certain IOCTL requests. | ||||
| CVE-2008-1626 | 1 Eggblog | 1 Eggblog | 2026-04-23 | N/A |
| SQL injection vulnerability in eggBlog before 4.0.1 allows remote attackers to execute arbitrary SQL commands via an unspecified cookie. NOTE: this might overlap CVE-2008-0159. | ||||
| CVE-2008-1627 | 1 Cds Software Consortium | 1 Invenio | 2026-04-23 | N/A |
| CDS Invenio 0.92.1 and earlier allows remote authenticated users to delete email notification alerts of arbitrary users via a modified internal UID. | ||||
| CVE-2008-1628 | 1 Linux | 1 Audit | 2026-04-23 | N/A |
| Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1629 | 1 Pau Rodriguez | 1 Phpkrm | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in PHPkrm before 1.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-1454 | 1 Microsoft | 4 Windows 2000, Windows Server 2003, Windows Server 2008 and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447. | ||||
| CVE-2008-1220 | 1 Phpnuke | 1 4nchat | 2026-04-23 | N/A |
| SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1221 | 1 Microworld Technologies | 3 Escan, Escan Management Console, Escan Server | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command. | ||||
| CVE-2008-1222 | 1 Dokeos | 1 Open Source Learning And Knowledge Management Tool | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Dokeos 1.8.4 before SP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-1223 | 1 Dokeos | 1 Open Source Learning And Knowledge Management Tool | 2026-04-23 | N/A |
| Unspecified vulnerability in Dokeos 1.8.4 before SP3 allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2008-1224 | 1 Bosdev | 1 Bosclassifieds Classified Ads | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in account.php in BosClassifieds Classified Ads System 3.0 allows remote attackers to inject arbitrary web script or HTML via the returnTo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1225 | 1 Webct | 1 Webct | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebCT Campus Edition 4.1.5.8, when "Don't wrap text" is enabled, allow remote authenticated users to inject arbitrary web script or HTML via a (1) mail message or (2) discussion board message. NOTE: this might overlap CVE-2005-1076. | ||||
| CVE-2008-1226 | 1 Zimbra | 1 Collaboration Suite | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration Suite (ZCS) 4.0.3, 4.5.6, and possibly other versions before 4.5.10 allow remote attackers to inject arbitrary web script or HTML via an e-mail attachment, possibly involving a (1) .jpg or (2) .gif image attachment. | ||||
| CVE-2008-1227 | 1 Silc | 1 Silc Toolkit | 2026-04-23 | N/A |
| Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1228 | 1 Minigal | 1 Mg2 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in MG2 (formerly Minigal) allows remote attackers to inject arbitrary web script or HTML via the list parameter in an import action. | ||||
| CVE-2008-1229 | 1 Jspwiki | 1 Jspwiki | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to inject arbitrary web script or HTML via the editor parameter, a different vector than CVE-2007-5120.b. | ||||
| CVE-2008-1230 | 1 Jspwiki | 1 Jspwiki | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page." | ||||
| CVE-2008-1231 | 1 Jspwiki | 1 Jspwiki | 2026-04-23 | N/A |
| Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter. | ||||