• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6607
Matpo
Matpo_link
2017-09-29
N/A
N/A
Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to inject arbitrary web script or HTML via the thema parameter.
CVE-2008-6606
Matpo
Matpo_link
2017-09-29
N/A
N/A
SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6605
2700hg, 2wire
1700hg, 1701hg, 1701hg_router, 1800hw, 1800hw_router, 2071, 2071hg, 2071_router, 2700hg, 2701hg-t
2017-09-29
N/A
N/A
Cross-site request forgery (CSRF) vulnerability in the xslt script in the web-based management interface on the 2wire 1701HG, 1800HW, 2071HG, and 2700HG with firmware 3.17.5, 3.7.1, 4.25.19, or 5.29.51 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that cause a denial of service (network outage) via a page parameter with a % (percent) character followed by a non-alphanumeric character.
CVE-2008-6604
Picoflat
Picoflat_cms
2017-09-29
N/A
N/A
Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagina parameter, a different vulnerability than CVE-2007-5390.
CVE-2008-6603
Moinmo
Moinmoin
2017-08-17
N/A
N/A
MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.
CVE-2008-6602
Stadtaus
Download_center_lite, Form_mail_script, Guestbook_script, Tell_a_friend_script
2017-08-17
N/A
N/A
Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors related to "A minor security fix."
CVE-2008-6601
Epona
2017-08-17
N/A
N/A
Unspecified vulnerability in Epona 1.5rc3 allows remote attackers to obtain the real IP address of users via unknown vectors.
CVE-2008-6600
Xmlportal
2009-04-06
N/A
N/A
Cross-site scripting (XSS) vulnerability in the search feature in XMLPortal 3.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2008-6599
Jath Pala
Cookiecheck
2017-08-17
N/A
N/A
cookiecheck.php in CookieCheck 1.0 stores tmp/cc_sessions under the web root with insufficient access control, which allows remote attackers to obtain session data via a direct request related to the "default session save path."
CVE-2008-6598
Sangoma
Session_border_controller_firmware, Session_border_controller, Restapps, Freepbx, Asterisk, Certified_asterisk, Freepbx_linux_7, Netborder/vega_session, Netborder/vega_session_firmware, Pbxact
2017-08-17
N/A
N/A
Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "bri restart logic."
« Previous 1 … 70 71 72 73 74 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE