• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-6387
2017-09-29
N/A
N/A
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb.
CVE-2008-6386
2017-08-17
N/A
N/A
Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2008-6385
2017-08-17
N/A
N/A
Cross-site scripting (XSS) vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
CVE-2008-6384
Comment Mail, Drupal
Acidfree, Activity, Aggregation_module, Ajax_checklist, Archive_module, Asin_field_module, Atom_module, Audio_module, Authenticated_user_page_caching, Avatar_uploader
2017-08-17
N/A
N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Comment Mail 5.x before 5.x-1.1, a module for Drupal, allow remote attackers to hijack the authentication of administrators.
CVE-2008-6383
2017-08-17
N/A
N/A
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6382
2017-09-29
N/A
N/A
ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb.
CVE-2008-6381
2017-09-29
N/A
N/A
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.
CVE-2008-6380
Active Web Helpdesk, Activewebsoftwares
Active_auction_house, Active_bids, Active_business_directory, Active_ewebquiz, Active_force_matrix, Active_membership, Active_newsletter, Active_photo_gallery, Active_price_comparison, Active_test
2017-09-29
N/A
N/A
SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.
CVE-2008-6379
2017-09-29
N/A
N/A
SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-6378
2017-09-29
N/A
N/A
SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
« Previous 1 … 92 93 94 95 96 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE