• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-7047
Natterchat
2017-09-29
N/A
N/A
NatterChat 1.1 allows remote attackers to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp.
CVE-2008-7046
Ajsquare, Free Polling Script
Aj_article, Aj_auction_pro-oopd, Aj_classifieds, Aj_hyip, Aj_matrix_dna, Aj_shopping_cart, Free_polling_script, Zeuscart
2009-08-24
N/A
N/A
AJ Square Free Polling Script (AJPoll) allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-7045
Ajsquare, Free Polling Script
Aj_article, Aj_auction_pro-oopd, Aj_classifieds, Aj_hyip, Aj_matrix_dna, Aj_shopping_cart, Free_polling_script, Zeuscart
2017-09-29
N/A
N/A
AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
CVE-2008-7044
Ajsquare, Free Polling Script
Aj_article, Aj_auction_pro-oopd, Aj_classifieds, Aj_hyip, Aj_matrix_dna, Aj_shopping_cart, Free_polling_script, Zeuscart
2017-09-29
N/A
N/A
SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter.
CVE-2008-7043
Freshscripts
Fresh_email_script
2017-09-29
N/A
N/A
Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leveraged to modify cookies and conduct session fixation attacks.
CVE-2008-7042
Freshscripts
Fresh_email_script
2017-09-29
N/A
N/A
PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the tmp_sid parameter.
CVE-2008-7041
Aj Classifieds, Ajsquare
Aj_article, Aj_auction_pro-oopd, Aj_classifieds, Aj_hyip, Aj_matrix_dna, Aj_shopping_cart, Free_polling_script, Zeuscart
2017-09-29
N/A
N/A
AJ Classifieds allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
CVE-2008-7040
Simple Forum, Yellowswordfish
Simple_forum
2017-08-17
N/A
N/A
SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
CVE-2008-7039
Gelatocms
2017-08-17
N/A
N/A
Cross-site scripting (XSS) vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of these details are obtained from third party information.
CVE-2008-7038
Php-nuke, Phpnuke
Advanced_classified_module, Autohtml_module, Current_issue_module, Downloads_module, Downloadsplus_module, Eboard_module, Emporium_module, Ev, Hadith_module, Iframe_module, 4nchat, 4ndvddb, Book, Easycontent_module, Kose_yazilari_module, Kutubisitte_component, Myheadlines, Nukestyles_viewpage_module, Okul_module, Php-nuke
2018-10-11
N/A
N/A
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
« Previous 1 … 26 27 28 29 30 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE