• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-0816
2018-10-15
N/A
N/A
SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task.
CVE-2008-0815
2018-10-15
N/A
N/A
SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task.
CVE-2008-0814
2017-09-29
N/A
N/A
Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the upload_filename parameter.
CVE-2008-0813
2017-09-29
N/A
N/A
Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
CVE-2008-0812
2018-10-15
N/A
N/A
Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the action parameter.
CVE-2008-0811
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query parameter to search.php.
CVE-2008-0810
2018-10-15
N/A
N/A
SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0809
2008-09-05
N/A
N/A
Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web script or HTML via title contents.
CVE-2008-0808
2008-09-05
N/A
N/A
Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags.
CVE-2008-0807
2011-03-08
N/A
N/A
lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify address data via a modified object_id parameter to edit.php, as demonstrated by modifying a personal address book entry when there is write access to a shared address book.
« Previous 1 … 637 638 639 640 641 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE