• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6917
Exophpdesk, Exoscripts
Exophpdesk
2017-09-29
N/A
N/A
SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter).
CVE-2008-6916
John Doe, Siemens
Netport_software, Logo!8_bm_firmware, Logo!8_bm, Cp1604_firmware, Cp1604, Cp1616_firmware, Cp1616, Dk_standard_ethernet_controller_firmware, Dk_standard_ethernet_controller, Ek-ertec_200_firmware, Ek-ertec_200
2017-09-29
N/A
N/A
Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname.
CVE-2008-6915
Zeeproperty, Zeeways
Ebay_clone_auction_script, Photovideotube, Shaadiclone, Zeejobsite, Zeelyrics, Zeematri, Zeeproperty
2017-09-29
N/A
N/A
Cross-site scripting (XSS) vulnerability in view_prop_details.php in Zeeways ZEEPROPERTY 1.0 allows remote attackers to inject arbitrary web script or HTML via the propid parameter.
CVE-2008-6914
Zeeproperty, Zeeways
Ebay_clone_auction_script, Photovideotube, Shaadiclone, Zeejobsite, Zeelyrics, Zeematri, Zeeproperty
2017-09-29
N/A
N/A
Unrestricted file upload vulnerability in viewprofile.php in Zeeways ZEEPROPERTY 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile modification, then accessing a related file via a direct request to the file in companylogo/.
CVE-2008-6913
Zeejobsite, Zeeways
Ebay_clone_auction_script, Photovideotube, Shaadiclone, Zeejobsite, Zeelyrics, Zeematri, Zeeproperty
2017-09-29
N/A
N/A
Unrestricted file upload vulnerability in editresume_next.php in Zeeways ZEEJOBSITE 2.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile edit action, then accessing the file via a direct request to jobseekers/logos/.
CVE-2008-6912
Shaadiclone, Zeeways
Ebay_clone_auction_script, Photovideotube, Shaadiclone, Zeejobsite, Zeelyrics, Zeematri, Zeeproperty
2017-09-29
N/A
N/A
Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php.
CVE-2008-6911
Brewblogger
2017-09-29
N/A
N/A
SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6910
Drupal, Marc Ingram
Acidfree, Activity, Aggregation_module, Ajax_checklist, Archive_module, Asin_field_module, Atom_module, Audio_module, Authenticated_user_page_caching, Avatar_uploader, Services
2017-08-17
N/A
N/A
Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not use timeouts for signed requests, which allows remote attackers to impersonate other users and gain privileges via a replay attack that sends the same request.
CVE-2008-6909
Drupal, Marc Ingram
Acidfree, Activity, Aggregation_module, Ajax_checklist, Archive_module, Asin_field_module, Atom_module, Audio_module, Authenticated_user_page_caching, Avatar_uploader, Services
2017-08-17
N/A
N/A
Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not sign all required data in requests, which has unspecified impact, probably related to man-in-the-middle attacks that modify critical data and allow remote attackers to impersonate other users and gain privileges.
CVE-2008-6908
Drupal, Marc Ingram
Acidfree, Activity, Aggregation_module, Ajax_checklist, Archive_module, Asin_field_module, Atom_module, Audio_module, Authenticated_user_page_caching, Avatar_uploader, Services
2017-08-17
N/A
N/A
Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, uses an insecure hash when signing requests, which allows remote attackers to impersonate other users and gain privileges.
« Previous 1 … 39 40 41 42 43 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE