• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-7127
Microfocus
Filr, Accurev, Acutoweb, Application_automation_tools, Application_lifecycle_management, Application_performance_management, Arcsight_enterprise_security_manager, Arcsight_enterprise_security_manager_express, Arcsight_logger, Arcsight_management_center
2017-08-17
N/A
N/A
osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled.
CVE-2008-7126
Microfocus
Filr, Accurev, Acutoweb, Application_automation_tools, Application_lifecycle_management, Application_performance_management, Arcsight_enterprise_security_manager, Arcsight_enterprise_security_manager_express, Arcsight_logger, Arcsight_management_center
2017-08-17
N/A
N/A
Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow.
CVE-2008-7125
Ariadne-cms
Ariadne, Ariadne_cms, Ariadne_component_library
2017-08-17
N/A
N/A
pphoto in Ariadne before 2.6 allows remote authenticated users with certain privileges to execute arbitrary shell commands via vectors related to PINP programs and the annotate command. NOTE: some of these details are obtained from third party information.
CVE-2008-7124
Zkup
2017-09-29
N/A
N/A
zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator.
CVE-2008-7123
Zkup
2017-09-29
N/A
N/A
Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check.
CVE-2008-7122
Evansprogramming, Registry Pro
Registry_pro
2017-09-29
N/A
N/A
Multiple insecure method vulnerabilities in an ActiveX control in (epRegPro.ocx) in Evans Programming Registry Pro allow remote attackers to read and modify sensitive registry keys via the (1) About, (2) CreateKey, (3) DeleteBranch, (4) DeleteKey, (5) DeleteValue, (6) EnumKeys, (7) EnumValues, (8) QueryType, (9) QueryValue, (10) RenameKey, and (11) SetValue methods.
CVE-2008-7121
Hot Links Sql-php, Mrcgiguy
Freeticket, Guestbook, Hot_links, Hot_links_sql-php, The_ticket_system
2009-08-28
N/A
N/A
Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search bar.
CVE-2008-7120
Hot Links Sql-php, Mrcgiguy
Freeticket, Guestbook, Hot_links, Hot_links_sql-php, The_ticket_system
2009-08-28
N/A
N/A
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.
CVE-2008-7119
Webid, Webidsupport
Webid
2017-09-29
N/A
N/A
SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-7118
Webid, Webidsupport
Webid
2017-09-29
N/A
N/A
WeBid auction script 0.5.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain SQL query logs via a direct request for logs/cron.log.
« Previous 1 … 18 19 20 21 22 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE