• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6887
Pre Classified Listings, Preprojects
Business_cards_designer, E-smart_cart, Php_jobwebsite_pro, Pre_ads_portal, Pre_classified_listings, Pre_classified_listings_asp, Pre_e-learning_portal, Pre_job_board, Pre_online_tests_generator, Pre_podcast_portal
2017-08-17
N/A
N/A
SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
CVE-2008-6886
Rsa
Access_manager_agent, Access_manager_agent_for_iis_5.0/6.0, Access_manager_server, Ace_agent, Ace_server, Adaptive_authentication, Adaptive_authentication_(on_premise), Archer, Archer_egrc_platform, Archer_grc_platform
2017-08-17
N/A
N/A
RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and conduct brute force guessing attacks.
CVE-2008-6885
Xoops
Article_module, Articles_module, Cjay_content_module, Core_module, Eempregos_module, Flashgames_module, Friendfinder_module, Glossaire_module, Happy_linux_xfsection_module, Horoscope_module
2009-08-03
N/A
N/A
Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message.
CVE-2008-6884
Xoops
Article_module, Articles_module, Cjay_content_module, Core_module, Eempregos_module, Flashgames_module, Friendfinder_module, Glossaire_module, Happy_linux_xfsection_module, Horoscope_module
2017-09-29
N/A
N/A
Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter to (1) blocks.php and (2) main.php in xoops_lib/modules/protector/.
CVE-2008-6883
Com Livechat, Joompolitan
Com_livechat
2017-09-29
N/A
N/A
SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6882
Com Livechat, Joompolitan
Com_livechat
2017-09-29
N/A
N/A
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
CVE-2008-6881
Com Livechat, Joompolitan
Com_livechat
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2) getChatRoom.php, and (3) getSavedChatRooms.php.
CVE-2008-6880
Easysitenetwork, Jokes Complete Website
Cheats_complete_website, Drinks_complete_website, Jokes_complete_website, Recipe_website_script, Riddles_website, Tips_complete_website
2018-10-11
N/A
N/A
SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6879
Apache
Accumulo, Activemq, Activemq_apollo, Activemq_artemis, Age, Airavata_django_portal, Airflow, Airflow_mysql_provider, Alarm_instance_management, Allura
2009-07-31
N/A
N/A
Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
CVE-2008-6878
Zen-cart
Zen_cart, Web_shopping_cart
2017-09-29
N/A
N/A
** DISPUTED ** Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and earlier, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] parameter. NOTE: the vendor disputes this issue, stating "at worst, the use of this vulnerability will reveal some local file paths."
« Previous 1 … 42 43 44 45 46 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE