• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-1509
2017-09-29
N/A
N/A
SQL injection vulnerability in index.php in XLPortal 2.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the query parameter.
CVE-2008-1508
2020-02-10
N/A
N/A
SQL injection vulnerability in EfesTech E-Kontör and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1507
2017-09-29
N/A
N/A
PEEL, possibly 3.x and earlier, has (1) a default info@peel.fr account with password admin, and (2) a default contact@peel.fr account with password cinema, which allows remote attackers to gain administrative access.
CVE-2008-1506
2017-09-29
N/A
N/A
PEEL, possibly 3.x and earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
CVE-2008-1505
2017-09-29
N/A
N/A
PHP remote file inclusion vulnerability in the SSTREAMTV custompages (com_custompages) 1.1 and earlier component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the cpage parameter to index.php.
CVE-2008-1504
2017-08-08
N/A
N/A
Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven phpMyChat 0.14.5 allows remote attackers to inject arbitrary web script or HTML via the Lang parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1503
2018-10-30
N/A
N/A
Cross-site scripting (XSS) vulnerability in the web management interface in F5 BIG-IP 9.4.3 allows remote attackers to inject arbitrary web script or HTML via (1) the name of a node object, or the (2) sysContact or (3) sysLocation SNMP configuration field, aka "Audit Log XSS." NOTE: these issues might be resultant from cross-site request forgery (CSRF) vulnerabilities.
CVE-2008-1502
2020-12-01
N/A
N/A
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string containing crafted URL protocols.
CVE-2008-1501
2018-10-11
N/A
N/A
The send_user_mode function in s_user.c in (1) Undernet ircu 2.10.12.12 and earlier, (2) snircd 1.3.4 and earlier, and unspecified other ircu derivatives allows remote attackers to cause a denial of service (daemon crash) via a malformed MODE command.
CVE-2008-1500
2017-08-08
N/A
N/A
Cross-site scripting (XSS) vulnerability in index.php in TinyPortal 0.8.6 and 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
« Previous 1 … 569 570 571 572 573 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE