• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6657
Simple Machines
Opencart, Phpraider, Simple_machines_forum, Simple_machines_smf, Smf, Smf_shoutbox
2017-09-29
N/A
N/A
Cross-site request forgery (CSRF) vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote attackers to hijack the authentication of admins for requests that install packages via the package parameter in an install2 action.
CVE-2008-6656
Open Auto Classifieds, Openautoclassifieds
Open_auto_classifieds
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php.
CVE-2008-6655
Comscripts
Annoncev, Cs-forum, Cs_guestbook, Gedcom_to_mysl, J-web_pics_navigator, News_evolution, Phpmyphorum, Phprog, Quick_classifieds, Web_server_creator
2017-08-17
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php; the (3) nom_branche parameter to php/index.php; and the (4) nom_branche, (5) nom, and (6) prenom parameters to php/info.php.
CVE-2008-6654
Infobiz Server, Structum
Infobiz_server
2017-08-17
N/A
N/A
Cross-site scripting (XSS) vulnerability in search_results.php in InfoBiz Server allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2008-6653
Joomla, Mambo, Wh-com
Akobook, Be_it_easypartner_component, Bibtex, Bsq_sitestats, Car_manager, Classifieds_component, Colophon, Com_acajoom, Com_acctexp, Com_artistavenue, A6mambocredits_component, Anjel_component, Artlinks_component, Bayesiannaivefilter, Bigape-backup_component, Catalogshop_component, Com_comments, Com_comprofiler, Com_comprofiler_component, Com_detail, Com_webhosting
2017-09-29
N/A
N/A
SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-6652
Insanevisions
Adapcms, Adaptbb, Adaptcms
2017-09-29
N/A
N/A
SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter.
CVE-2008-6651
Oxybox, Oxyproject
Oxybox
2017-09-29
N/A
N/A
Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter.
CVE-2008-6650
Mywebland
Bloggie_lite, Minibloggie, Mybloggie, Myevent, Mystats
2017-09-29
N/A
N/A
del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628.
CVE-2008-6649
Ktools
Owl, Photostore
2017-09-29
N/A
N/A
SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6648
Ktools
Owl, Photostore
2017-09-29
N/A
N/A
SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647.
« Previous 1 … 65 66 67 68 69 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE