CVE Vulnerability

Home ยป CVE’s

CVE’s

CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6897
Andres Garcia
Getleft
2017-09-29
N/A
N/A
Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) "a" HTML tag; a long src attribute in (2) embed, (3) img, or (4) script tags; (5) a long background attribute in a body tag; and other unspecified tags.
CVE-2008-6896
3cx, Phone System
Phone_system_firmware, Phone_system, 3cx_web_server, Call_flow_designer, Crm_template_generator, Live_chat, Wp-live_chat
2017-08-17
N/A
N/A
login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is reached, allows remote attackers to gain sensitive information via unspecified vectors that reveal the installation path.
CVE-2008-6895
3cx, Phone System
Phone_system_firmware, Phone_system, 3cx_web_server, Call_flow_designer, Crm_template_generator, Live_chat, Wp-live_chat
2017-08-17
N/A
N/A
3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service or crash) via unspecified vectors, as demonstrated by vulnerability scans from Nessus or SAINT.
CVE-2008-6894
3cx, Phone System
Phone_system_firmware, Phone_system, 3cx_web_server, Call_flow_designer, Crm_template_generator, Live_chat, Wp-live_chat
2017-08-17
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in login.php in 3CX Phone System Free Edition 6.1793 and 6.0.806.0 allow remote attackers to inject arbitrary web script or HTML via the (1) fName and (2) fPassword parameters.
CVE-2008-6893
Alt-n, Worldclient
Mdaemon, Securitygateway, Webadmin, Worldclient
2021-07-23
N/A
N/A
Cross-site scripting (XSS) vulnerability in Alt-N MDaemon WorldClient 10.0.2, when Internet Explorer 7 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted img tag.
CVE-2008-6892
Peel
Peel_shopping
2017-09-29
N/A
N/A
SQL injection vulnerability in lire/index.php in Peel 3.1 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. NOTE: this might be the same issue as CVE-2005-3572.
CVE-2008-6891
Codetoad
Asp_forum_script, Asp_shopping_cart_script
2017-08-17
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum Script allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter to (a) new_message.asp and (b) messages.asp, and the (2) query string to default.asp.
CVE-2008-6890
Codetoad
Asp_forum_script, Asp_shopping_cart_script
2017-08-17
N/A
N/A
SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter.
CVE-2008-6889
Activewebsoftwares, Aspreferral
Active_auction_house, Active_bids, Active_business_directory, Active_ewebquiz, Active_force_matrix, Active_membership, Active_newsletter, Active_photo_gallery, Active_price_comparison, Active_test
2017-09-29
N/A
N/A
SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter.
CVE-2008-6888
Pre Classified Listings, Preprojects
Business_cards_designer, E-smart_cart, Php_jobwebsite_pro, Pre_ads_portal, Pre_classified_listings, Pre_classified_listings_asp, Pre_e-learning_portal, Pre_job_board, Pre_online_tests_generator, Pre_podcast_portal
2017-08-17
N/A
N/A
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings 1.0 allows remote attackers to inject arbitrary web script or HTML via the address parameter.
1 41 42 43 44 45 11,258