• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-5957
2018-10-11
N/A
N/A
SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php.
CVE-2008-5956
2017-09-29
N/A
N/A
Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request to connect.inc.
CVE-2008-5955
2017-09-29
N/A
N/A
SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5954
2017-08-08
N/A
N/A
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5953
2017-09-29
N/A
N/A
Directory traversal vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to the default URI.
CVE-2008-5952
2017-09-29
N/A
N/A
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a vtech action to the default URI.
CVE-2008-5951
2017-09-29
N/A
N/A
ASP Template Creature stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for workDB/templatemonster.mdb.
CVE-2008-5950
2017-09-29
N/A
N/A
SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter.
CVE-2008-5949
2017-09-29
N/A
N/A
Multiple PHP remote file inclusion vulnerabilities in ccTiddly 1.7.4 and 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the cct_base parameter to (1) index.php; (2) handle/proxy.php; (3) header.php, (4) include.php, and (5) workspace.php in includes/; and (6) plugins/RSS/files/rss.php.
CVE-2008-5948
2017-09-29
N/A
N/A
Directory traversal vulnerability in index.php in BNCwi 1.04 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter.
« Previous 1 … 135 136 137 138 139 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE