• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6597
2009-04-06
N/A
N/A
Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6596
2009-04-06
N/A
N/A
SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6595
2017-08-17
N/A
N/A
SQL injection vulnerability in the pmk_rssnewsexport extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6594
2019-03-12
N/A
N/A
SQL injection vulnerability in the cm_rdfexport extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6593
2018-10-11
N/A
N/A
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
CVE-2008-6592
2018-10-11
N/A
N/A
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
CVE-2008-6591
2018-10-11
N/A
N/A
LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allows remote attackers to create arbitrary files via the page parameter to (1) index.php and (2) LightNEasy.php.
CVE-2008-6590
2018-10-11
N/A
N/A
Multiple directory traversal vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to (1) index.php and (2) LightNEasy.php.
CVE-2008-6589
2018-10-11
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) index.php and (2) LightNEasy.php.
CVE-2008-6588
2017-08-17
N/A
N/A
Aztech ADSL2/2+ 4-port router has a default "isp" account with a default "isp" password, which allows remote attackers to obtain access if this default is not changed.
« Previous 1 … 71 72 73 74 75 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE