• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-2913
2017-09-29
N/A
N/A
Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php.
CVE-2008-2912
2017-09-29
N/A
N/A
Multiple PHP remote file inclusion vulnerabilities in Contenido CMS 4.8.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenido_path parameter to (a) contenido/backend_search.php; the (2) cfg[path][contenido] parameter to (b) move_articles.php, (c) move_old_stats.php, (d) optimize_database.php, (e) run_newsletter_job.php, (f) send_reminder.php, (g) session_cleanup.php, and (h) setfrontenduserstate.php in contenido/cronjobs/, and (i) includes/include.newsletter_jobs_subnav.php and (j) plugins/content_allocation/includes/include.right_top.php in contenido/; the (3) cfg[path][templates] parameter to (k) includes/include.newsletter_jobs_subnav.php and (l) plugins/content_allocation/includes/include.right_top.php in contenido/; and the (4) cfg[templates][right_top_blank] parameter to (m) plugins/content_allocation/includes/include.right_top.php and (n) contenido/includes/include.newsletter_jobs_subnav.php in contenido/, different vectors than CVE-2006-5380.
CVE-2008-2911
2017-09-29
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters.
CVE-2008-2910
2017-09-29
N/A
N/A
Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distributed in TextOut.dll 6.0.18.1 and mvtextout.dll, in muvee autoProducer 6.0 and 6.1 allows remote attackers to execute arbitrary code via a long FontSetting property value.
CVE-2008-2909
2017-10-19
N/A
N/A
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
CVE-2008-2908
2017-08-08
N/A
N/A
Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-2907
2017-09-29
N/A
N/A
SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the eml parameter.
CVE-2008-2906
2017-09-29
N/A
N/A
SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter.
CVE-2008-2905
2017-09-29
N/A
N/A
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2008-2904
2017-09-29
N/A
N/A
SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter.
« Previous 1 … 433 434 435 436 437 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE