• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6907
2532gigs
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated by index.php.
CVE-2008-6906
Babbleboard
2017-09-29
N/A
N/A
Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote attackers to inject arbitrary web script or HTML via the username.
CVE-2008-6905
Babbleboard
2017-09-29
N/A
N/A
Cross-site request forgery (CSRF) vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete (1) categories or (2) groups; (3) ban users; or (4) delete users via the admin page.
CVE-2008-6904
Sophos
Cyberoamos, Cyberoam, Anti-virus7.6.3, Anti-virus_for_sophos_central, Anti-virus_for_sophos_home, Astaro_security_gateway, Astaro_security_gateway_firmware, Cloud_optix, Cyberoam_cr100ing_utm, Cyberoam_cr100ing_utm_firmware
2017-08-17
N/A
N/A
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.
CVE-2008-6903
Sophos
Cyberoamos, Cyberoam, Anti-virus7.6.3, Anti-virus_for_sophos_central, Anti-virus_for_sophos_home, Astaro_security_gateway, Astaro_security_gateway_firmware, Cloud_optix, Cyberoam_cr100ing_utm, Cyberoam_cr100ing_utm_firmware
2009-08-19
N/A
N/A
Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a "fuzzed" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.
CVE-2008-6902
2532gigs
2017-09-29
N/A
N/A
Unrestricted file upload vulnerability in upload_flyer.php in 2532designs 2532|Gigs 1.2.2 Stable allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in flyers/.
CVE-2008-6901
2532gigs
2017-09-29
N/A
N/A
Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) settings.php, (2) deleteuser.php, (3) mini_calendar.php, (4) manage_venues.php, and (5) manage_gigs.php, a different vector than CVE-2007-4585.
CVE-2008-6900
Availscript
Availscript_article_script, Availscript_classmate_script, Availscript_jobs_portal_script, Availscript_photo_album, Jobs_portal_script
2017-09-29
N/A
N/A
Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript Article Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photos/.
CVE-2008-6899
Freesshd
Freeftpd
2018-10-11
N/A
N/A
Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.
CVE-2008-6898
Sascam Webcam Server, Saschart
Rich_counter, Sascam_webcam_server
2017-09-29
N/A
N/A
Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Get method and other unspecified methods.
« Previous 1 … 40 41 42 43 44 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE