• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6637
Libraryvideocompany
Safari_montage
2017-08-17
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) school and (2) email parameters.
CVE-2008-6636
Geody
Dagger
2017-09-29
N/A
N/A
PHP remote file inclusion vulnerability in skins/default.php in Geody Labs Dagger - The Cutting Edge r12feb2008, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir_edge_skins parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6635
Geody
Dagger
2017-09-29
N/A
N/A
PHP remote file inclusion vulnerability in skins/default.php in Geody Labs Dagger - The Cutting Edge r12feb2008, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir_inc parameter.
CVE-2008-6634
Beaussier
Roomphplanning
2017-09-29
N/A
N/A
SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php.
CVE-2008-6633
Beaussier
Roomphplanning
2017-09-29
N/A
N/A
SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php.
CVE-2008-6632
Mercuryboard
Mercuryboard_message_board
2017-09-29
N/A
N/A
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']).
CVE-2008-6631
Blogphp
2017-08-17
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter in a sendmessage action and the (2) username parameter when registering a new user, different vectors than CVE-2008-0679.
CVE-2008-6630
Typo3
Address_directory, Advcalendar_extension, Aeurltool, Aimeos, Air_filemanager, Another_backend_login, Autobeuser, Bb_simplejobs, Beuserswitch, Brainstorming
2017-08-17
N/A
N/A
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors.
CVE-2008-6629
Webbdomain
Petition, Polls, Post_card, Quiz, Webshop, Webshop_online
2017-09-29
N/A
N/A
Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2008-6628
2009-05-15
N/A
N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-6268. Reason: This candidate is a duplicate of CVE-2008-6268. Notes: All CVE users should reference CVE-2008-6268 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
« Previous 1 … 67 68 69 70 71 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE