• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6647
Ktools
Owl, Photostore
2017-09-29
N/A
N/A
SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter.
CVE-2008-6646
Coronamatrix
Phpaddressbook
2018-10-11
N/A
N/A
Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2008-6645
Opencosmo, Visualsentinel
Visualsentinel
2018-10-11
N/A
N/A
Cross-site scripting (XSS) vulnerability in Opencosmo VisualSentinel 0.7 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header ($_SERVER ['HTTP_USER_AGENT']), which is not properly handled when displaying log files.
CVE-2008-6644
Dotnetnuke
Dotnetnuke_iframe
2018-10-11
N/A
N/A
Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke 4.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2008-6643
Lokicms
2018-10-11
N/A
N/A
LokiCMS 0.3.4 and possibly earlier versions does not properly restrict access to administrative functions, which allows remote attackers to bypass intended restrictions and modify configuration settings via the LokiACTION parameter in a direct request to admin.php.
CVE-2008-6642
Dotcontent, Fluentcms
Fluentcms
2017-09-29
N/A
N/A
SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6641
Aspindir
Angelo-emlak, Aspee_ziyaretci_defteri, Ayco_okul_portali, Batmanportal, Dersimiz_haber_ekleme_modulu, Erolife_ajxgaleri_vt, Hazirsite, Husrevforum, Iltaweb_alisveris_sistemi, Kisisel_radyo_script
2017-09-29
N/A
N/A
Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp.
CVE-2008-6640
Aspindir
Angelo-emlak, Aspee_ziyaretci_defteri, Ayco_okul_portali, Batmanportal, Dersimiz_haber_ekleme_modulu, Erolife_ajxgaleri_vt, Hazirsite, Husrevforum, Iltaweb_alisveris_sistemi, Kisisel_radyo_script
2017-08-17
N/A
N/A
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6639
Ajaxplorer
2017-08-17
N/A
N/A
Cross-site request forgery (CSRF) vulnerability in admin.php in AjaXplorer 2.3.3 and 2.3.4 allows remote attackers to hijack the authentication of administrators for requests that modify passwords via the update_user_pwd action.
CVE-2008-6638
Versalsoft
Http_file_upload_activex_control
2017-09-29
N/A
N/A
Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote attackers to delete arbitrary files via the RemoveFileOrDir method.
« Previous 1 … 66 67 68 69 70 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE