CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3
Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a different vulnerability than CVE-2008-6893.
AJ Square AJ Auction Pro Platinum Skin #1 sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass authentication via a direct request to admin/user.php.
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote attackers to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mail.php, (4) fee_setting.php, (5) earnings.php, (6) insertion_fee_settings.php, (7) custom_category.php, (8) subcategory.php, (9) category.php, (10) report.php, (11) store_manager.php, and (12) choose_sell_format.php in admin/, and possibly other vectors.
SQL injection vulnerability in the login page in X7 Chat 2.0.5 allows remote attackers to execute arbitrary SQL commands via the password field.
Products: Business_survey_pro, Entertainment_portal, Local_classifieds, Text_link_sales, Web_hosting_directory, Yahoo-answers-clone | Updated: 2017-09-29 | CVSS v2: N/A | CVSS v3: N/A
admin.php in TurnkeyForms Text Link Sales allows remote attackers to bypass authentication and gain administrative privileges via a direct request.
Products: Free_security_suite, Software_updater, Free_antivirus, Anti-malware_sdk, Antivir, Antivir_mailgate, Antivir_mailgate_suite, Antivir_personal, Antivir_professional, Antivir_security_suite | Updated: 2017-08-17 | CVSS v2: N/A | CVSS v3: N/A
Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allow local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer.
Products: Firefox, Firefox_esr, Thunderbird, Bleach, Bonsai, Bugzilla, Camino, Convict, Durian_web_application_server, Firefox_focus | Updated: 2018-10-30 | CVSS v2: N/A | CVSS v3: N/A
mailnews in Mozilla Thunderbird before 2.0.0.18 and SeaMonkey before 1.1.13, when JavaScript is enabled in mail, allows remote attackers to obtain sensitive information about the recipient, or comments in forwarded mail, via script that reads the (1) .documentURI or (2) .textContent DOM properties.
Updated: 2017-09-29 | CVSS v2: N/A | CVSS v3: N/A
download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php.
Updated: 2017-09-29 | CVSS v2: N/A | CVSS v3: N/A
Insecure method vulnerability in the Chilkat Socket ActiveX control (ChilkatSocket.ChilkatSocket.1) in ChilkatSocket.dll 2.3.1.1 allows remote attackers to overwrite arbitrary files via the SaveLastError method. NOTE: this might be related to CVE-2008-1647.
wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote authenticated users to execute arbitrary PHP code via the creditsformula parameter.