• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-2873
2017-10-19
N/A
N/A
sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb.
CVE-2008-2872
2017-10-19
N/A
N/A
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-2871
2017-08-08
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in template2.php in PEGames allow remote attackers to inject arbitrary web script or HTML via the (1) sitetitle, (2) sitenav, (3) sitemain, and (4) sitealt parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2870
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php.
CVE-2008-2869
2017-09-29
N/A
N/A
SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
CVE-2008-2868
2017-09-29
N/A
N/A
SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter.
CVE-2008-2867
2017-09-29
N/A
N/A
SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter.
CVE-2008-2866
2017-09-29
N/A
N/A
SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter.
CVE-2008-2865
2017-09-29
N/A
N/A
SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action.
CVE-2008-2864
2018-10-11
N/A
N/A
eLineStudio Site Composer (ESC) 2.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) trigger.asp or (2) common2.asp in cms/include/, which reveals the database path.
« Previous 1 … 437 438 439 440 441 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE