• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-2351
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters.
CVE-2008-2350
2017-08-08
N/A
N/A
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
CVE-2008-2349
2017-09-29
N/A
N/A
Zomplog 3.8.2 and earlier allows remote attackers to gain administrative access by creating an admin account via a direct request to install/newuser.php with the admin parameter set to 1.
CVE-2008-2348
2017-09-29
N/A
N/A
MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php.
CVE-2008-2347
2017-09-29
N/A
N/A
MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php.
CVE-2008-2346
2017-09-29
N/A
N/A
AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php.
CVE-2008-2345
2017-08-08
N/A
N/A
Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."
CVE-2008-2344
2017-08-08
N/A
N/A
Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2343
2017-09-29
N/A
N/A
News Manager 2.0 allows remote attackers to bypass restrictions and obtain sensitive information via a direct request to (1) db/connect_str.php and (2) login/info.php.
CVE-2008-2342
2017-09-29
N/A
N/A
Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
« Previous 1 … 487 488 489 490 491 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE