• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-0391
Alilg, Alitalk
Aliboard, Alitalk
2017-09-29
N/A
N/A
inc/elementz.php in aliTalk 1.9.1.1 does not properly verify authentication, which allows remote attackers to add an arbitrary user account via a modified lilil parameter, in conjunction with the ubild and pa parameters.
CVE-2008-0390
2017-09-29
N/A
N/A
stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.php, and execute online.db.txt via a certain request to index.php.
CVE-2008-0389
2017-08-08
N/A
N/A
Unspecified vulnerability in the serveServletsByClassnameEnabled feature in IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.25, 6.1 through 6.1.0.14, and 5.1.1.x before 5.1.1.18 has unknown impact and attack vectors.
CVE-2008-0388
2017-09-29
N/A
N/A
SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the user parameter in a showprofile action to the default URI.
CVE-2008-0387
2018-10-26
N/A
N/A
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.
CVE-2008-0386
2011-03-08
N/A
N/A
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.
CVE-2008-0385
2018-10-15
N/A
N/A
SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to execute arbitrary SQL commands via the connectionId parameter to index.php with (1) statprt/js/request or (2) dyn/js/request in the PATH_INFO.
CVE-2008-0384
2018-10-30
N/A
N/A
OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.
CVE-2008-0383
2018-10-15
N/A
N/A
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php.
CVE-2008-0382
2018-10-15
N/A
N/A
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
« Previous 1 … 679 680 681 682 683 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE