CVE Vulnerability

Home ยป CVE’s

CVE’s

CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-3387
2017-09-29
N/A
N/A
SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter.
CVE-2008-3386
Alstrasoft, Video Share Enterprise
Affiliate_network_pro, Article_manager_pro, Askme, Askme_pro, E-friends, Epay, Forum_pay_per_post_exchange, Live_support, Sendit, Sms_text_messaging_enterprise
2017-09-29
N/A
N/A
SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086.
CVE-2008-3385
Linuxwebshop, Php Help Agent
Php_help_agent, Php_user_base
2017-09-29
N/A
N/A
Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
CVE-2008-3384
2018-10-11
N/A
N/A
Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters.
CVE-2008-3383
2017-09-29
N/A
N/A
SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action.
CVE-2008-3382
2017-09-29
N/A
N/A
SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_a parameter.
CVE-2008-3381
2017-08-08
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3380
2018-10-11
N/A
N/A
Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the rs parameter.
CVE-2008-3379
2017-08-08
N/A
N/A
Cross-site scripting (XSS) vulnerability in Snark VisualPic 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the pic parameter to the default URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3378
2017-09-29
N/A
N/A
SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter.
1 386 387 388 389 390 11,258