• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-7037
Itn, Itn News Gadget
Itn_news_gadget
2017-08-17
N/A
N/A
The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for Windows Vista, and possibly other versions before 1.23, allows remote web servers or man-in-the-middle attackers to execute arbitrary commands via script in a short_title response.
CVE-2008-7036
Bcoos, E-xoops
Devtracker, Event_calendar
2017-08-17
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) direction and (2) order_by parameters.
CVE-2008-7035
Phpraider, Simple Machines
Opencart, Phpraider, Simple_machines_forum, Simple_machines_smf, Smf, Smf_shoutbox
2017-08-17
N/A
N/A
Cross-site scripting (XSS) vulnerability in an unspecified component in Simple Machines phpRaider 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the resistance field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-7034
Tigran Abrahamyan
Phpecho_cms
2017-08-17
N/A
N/A
PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote attackers to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch function.
CVE-2008-7033
Galore, Joomla
Com_simpleshop, Akobook, Be_it_easypartner_component, Bibtex, Bsq_sitestats, Car_manager, Classifieds_component, Colophon, Com_acajoom, Com_acctexp, Com_artistavenue
2017-08-17
N/A
N/A
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than CVE-2008-2568. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
CVE-2008-7032
Big-ip, F5
Big-ip_b2250_firmware, Big-ip_b2250, Big-ip_b4300_firmware, Big-ip_b4300, Big-ip_b4340n_firmware, Big-ip_b4340n, Big-ip_b4450n_firmware, Big-ip_b4450n, Big-ip_10000s_firmware, Big-ip_10000s
2018-10-11
N/A
N/A
Web Management Console Cross-site request forgery (CSRF) vulnerability in the web management console in F5 BIG-IP 9.4.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrators and execute shell commands, as demonstrated using tmui/Control/form.
CVE-2008-7031
Foxitsoftware
Foxit_reader, Reader, Phantompdf, Foxit_studio_photo, 3d, E-mail_advertising_system, Enterprise_reader, Foxit_advanced_pdf_editor, Foxit_mobilepdf_-_pdf_reader, Foxit_pdf
2018-10-11
N/A
N/A
Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151.
CVE-2008-7030
Site2nite
Auto_e-manager, Big_truck_broker, Boat_classifieds, Business_e-listings, Real_estate_web, Vacation_rental_listings
2018-10-11
N/A
N/A
Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
CVE-2008-7029
Aliboard, Alilg
Aliboard, Alitalk
2018-10-11
N/A
N/A
Unrestricted file upload vulnerability in usercp.php in AlilG Application AliBoard Beta allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in uploads/avatars/.
CVE-2008-7028
Aves
Rpg_board
2017-09-29
N/A
N/A
RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass authentication and gain privileges by setting the keep4u cookie to a certain value.
« Previous 1 … 27 28 29 30 31 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE