CVE Vulnerability

Home ยป CVE’s

CVE’s

CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-1979
2021-04-07
N/A
N/A
The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.
CVE-2008-1978
2017-08-08
N/A
N/A
Cross-site scripting (XSS) vulnerability in the Ubercart 5.x before 5.x-1.0 rc3 module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via node titles related to unspecified product features, a different vector than CVE-2008-1428.
CVE-2008-1977
2019-08-01
N/A
N/A
Cross-site request forgery (CSRF) vulnerability in the Internationalization (i18n) Drupal module 5.x before 5.x-2.3 and 5.x-1.1, and 6.x before 6.x-1.0 beta 1, allows remote attackers to change node translation relationships via unspecified vectors.
CVE-2008-1976
2019-08-01
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Drupal modules (1) Internationalization (i18n) 5.x before 5.x-2.3 and 5.x-1.1 and 6.x before 6.x-1.0 beta 1; and (2) Localizer 5.x before 5.x-3.4, 5.x-2.1, and 5.x-1.11; allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1975
2017-09-29
N/A
N/A
SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote attackers to execute arbitrary SQL commands via the ID_loc parameter.
CVE-2008-1974
2018-10-11
N/A
N/A
Cross-site scripting (XSS) vulnerability in addevent.php in Horde Kronolith 2.1.7, Groupware Webmail Edition 1.0.6, and Groupware 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVE-2008-1973
2017-09-29
N/A
N/A
Heap-based buffer overflow in SubEdit Player build 4056 and 4066 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long subtitle file.
CVE-2008-1972
2017-08-08
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in the user account creation feature in Exponent CMS 0.96.6-GA20071003 and earlier, when the Allow Registration? configuration option is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) firstname, (3) lastname, and (4) e-mail address fields. NOTE: some of these details are obtained from third party information.
CVE-2008-1971
2017-09-29
N/A
N/A
phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows remote attackers to gain privileges by setting the (1) phadmin cookie to admin.php, or (2) in 1.4 and earlier, the ssbadmin cookie to shoutadmin.php.
CVE-2008-1970
2017-08-08
N/A
N/A
muCommander before 0.8.2 stores credentials.xml with insecure permissions, which allows local users to obtain credentials.
1 523 524 525 526 527 11,258