• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6257
2017-09-29
N/A
N/A
SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idpage parameter in the pages module.
CVE-2008-6256
2018-10-11
N/A
N/A
SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authenticated administrators to execute arbitrary SQL commands via the holidayinfo[recurring] parameter, a different vector than CVE-2005-3022.
CVE-2008-6255
2018-10-11
N/A
N/A
Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php.
CVE-2008-6254
2017-09-29
N/A
N/A
SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to execute arbitrary SQL commands via the categoryID parameter.
CVE-2008-6253
2017-10-11
N/A
N/A
Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the g_pcltar_lib_dir parameter.
CVE-2008-6252
2017-09-29
N/A
N/A
Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 allows local users to execute arbitrary code and gain privileges via a long -k option.
CVE-2008-6251
2017-09-29
N/A
N/A
PHP remote file inclusion vulnerability in includes/init.php in phpFan 3.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter.
CVE-2008-6250
2018-10-11
N/A
N/A
SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page.
CVE-2008-6249
2017-09-29
N/A
N/A
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6248
2017-09-29
N/A
N/A
Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter.
« Previous 1 … 105 106 107 108 109 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE