• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-7007
Php Vx Guestbook, Phpversion
Php_vx_guestbook
2017-09-29
N/A
N/A
Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and gain administrative access by setting the (1) admin_name and (2) admin_pass cookie values to 1.
CVE-2008-7006
Php Vx Guestbook, Phpversion
Php_vx_guestbook
2017-09-29
N/A
N/A
Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php.
CVE-2008-7005
Minb, Minb Is Not A Blog
Minb_is_not_a_blog
2018-10-11
N/A
N/A
include/modules/top/1-random_quote.php in Minb Is Not a Blog (minb) 0.1.0 allows remote attackers to execute arbitrary PHP code via the quotes_to_edit parameter. NOTE: this issue has been reported as an unrestricted file upload by some sources, but that is a potential consequence of code execution.
CVE-2008-7004
Elog
Elogd
2017-08-17
N/A
N/A
Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c.
CVE-2008-7003
The-rat-cms
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote attackers to execute arbitrary SQL commands via the (1) user_id and (2) password parameter.
CVE-2008-7002
Php
Animated_smiley_generator, Archive_tar, Ar_memberscript, Blog_cms, Bloq, Com_extensions, Comoblog, Directory_listing_script, Dirlist, Easymoblog
2009-08-19
N/A
N/A
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) passthru, or (5) popen functions, possibly involving pathnames such as "C:" drive notation.
CVE-2008-7001
Creative Mind
Creator_cms
2017-09-29
N/A
N/A
Unrestricted file upload vulnerability in the file manager in Creative Mind Creator CMS 5.0 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2008-7000
Phpauction
Phpauction_gpl
2017-08-17
N/A
N/A
PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1.
CVE-2008-6999
Phpauction
Phpauction_gpl
2017-08-17
N/A
N/A
phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
CVE-2008-6998
Google
Admob, Android, Android_api, Android_browser, Android_debug_bridge, Android_one, Android_sdk, Android_sdk_platform_tools, Android_sdk_tools, Android_tv
2017-09-29
N/A
N/A
Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via a link target (href attribute) with a large number of path elements, which triggers the overflow when the status bar is updated after the user hovers over the link.
« Previous 1 … 30 31 32 33 34 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE