• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6747
Dotproject
2017-08-17
N/A
N/A
dotProject before 2.1.2 does not properly restrict access to administrative pages, which allows remote attackers to gain privileges. NOTE: some of these details are obtained from third party information.
CVE-2008-6746
Horde
Accounts, Ansel, Application_framework, Chora, Content, Dynamic_imp, File_manager, Forwards, Framework, Gollem
2017-08-17
N/A
N/A
Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name.
CVE-2008-6745
Blogphp
2017-09-29
N/A
N/A
index.php in BlogPHP 2.0 allows remote attackers to gain administrator privileges via a crafted email parameter in a register2 action.
CVE-2008-6744
Cybozu
Collaborex, Cybozu_ag, Cybozu_dezie, Cybozu_dotsales, Cybozu_garoon, Cybozu_live, Cybozu_office, Cybozu_pocket, Cybozu_remote_service, Desktop
2017-08-17
N/A
N/A
Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2008-6743
Shock-therapy
Rsmscript
2017-09-29
N/A
N/A
RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.php, (2) edit-submit.php, (3) edit.php, (4) submit.php, and (5) update.php, which bypasses the security check that is performed by verify.php.
CVE-2008-6742
Gofoxy
Foxy
2017-09-29
N/A
N/A
Foxy P2P software allows remote attackers to cause a denial of service (memory consumption) via a foxy URI with a download action and a large fs value.
CVE-2008-6741
Simple Machines
Opencart, Phpraider, Simple_machines_forum, Simple_machines_smf, Smf, Smf_shoutbox
2017-09-29
N/A
N/A
SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the db_character_set parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "" (backslash) sequence that does not quote the "'" (single quote) character, as demonstrated via a manlabels action to index.php.
CVE-2008-6740
Homap
2017-09-29
N/A
N/A
PHP remote file inclusion vulnerability in html/admin/modules/plugin_admin.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the _settings[pluginpath] parameter.
CVE-2008-6739
Asp Download, Toddwoolums
Asp_download, Todd_woolums_asp_news_management
2017-09-29
N/A
N/A
Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request.
CVE-2008-6738
Mark Girling
Myshoutpro
2017-09-29
N/A
N/A
MyShoutPro 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin_access cookie to 1.
« Previous 1 … 56 57 58 59 60 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE