• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6717
Uochm
Justbookit, Justlistit, Signup
2017-09-29
N/A
N/A
U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) adminstart.php, (2) admineventtype.php, (3) admineventdetails.php, (4) admineventlist.php, (5) adminuserslist.php, (6) adminleaderslist.php, (7) admindatabase.php, and possibly (8) index.php.
CVE-2008-6716
Pre Ads Portal, Preprojects
Business_cards_designer, E-smart_cart, Php_jobwebsite_pro, Pre_ads_portal, Pre_classified_listings, Pre_classified_listings_asp, Pre_e-learning_portal, Pre_job_board, Pre_online_tests_generator, Pre_podcast_portal
2017-09-29
N/A
N/A
homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request.
CVE-2008-6715
Pre Ads Portal, Preprojects
Business_cards_designer, E-smart_cart, Php_jobwebsite_pro, Pre_ads_portal, Pre_classified_listings, Pre_classified_listings_asp, Pre_e-learning_portal, Pre_job_board, Pre_online_tests_generator, Pre_podcast_portal
2017-09-29
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
CVE-2008-6714
Xecms Project
Xecms
2021-03-05
N/A
N/A
admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to bypass authentication and access the admin panel by setting the xecms_username cookie.
CVE-2008-6713
Massive Entertainment
Ground_control_ii_operation_exodus, Wic, World_in_conflict
2018-10-11
N/A
N/A
World in Conflict (WIC) 1.008 and earlier allows remote attackers to cause a denial of service (access violation and crash) via a zero-byte data block to TCP port 48000, which triggers a NULL pointer dereference.
CVE-2008-6712
Crysis, Ea
Battlefield_2, Battlefield_2142, Crysis, Karotz_smart_rabbit, Karotz_smart_rabbit_firmware, Need_for_speed_network, Origin, Origin_client
2018-10-11
N/A
N/A
The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request, which triggers a NULL pointer dereference.
CVE-2008-6711
Avaya
4602sw_ip_phone, 9608, 9608_firmware, 9608g, 9608g_firmware, 9611g, 9611g_firmware, 9621g, 9621g_firmware, 9641g
2017-08-17
N/A
N/A
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs."
CVE-2008-6710
Avaya
4602sw_ip_phone, 9608, 9608_firmware, 9608g, 9608g_firmware, 9611g, 9611g_firmware, 9621g, 9621g_firmware, 9641g
2017-08-17
N/A
N/A
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring credentials."
CVE-2008-6709
Avaya
4602sw_ip_phone, 9608, 9608_firmware, 9608g, 9608g_firmware, 9611g, 9611g_firmware, 9621g, 9621g_firmware, 9641g
2017-08-17
N/A
N/A
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restoring parameters."
CVE-2008-6708
Avaya
4602sw_ip_phone, 9608, 9608_firmware, 9608g, 9608g_firmware, 9611g, 9611g_firmware, 9621g, 9621g_firmware, 9641g
2017-08-17
N/A
N/A
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters."
« Previous 1 … 59 60 61 62 63 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE