• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-20

CVE-2008-6826

February 26, 2023 by

dhtml.pl in MHF Media Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter, as demonstrated using the (1) advert_top.htm or (2) advert_login.htm pages.

CVE-2008-6829

February 26, 2023 by

VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a “//” (forward slash, backward slash, forward slash). NOTE: this might be the same issue as CVE-2008-2031.

CVE-2008-6772

February 26, 2023 by

login/register_form.php in YourPlace 1.0.2 and earlier does not check that a username already exists when a new account is created, which allows remote attackers to bypass intended access restrictions by registering a new account with the username of a target user.

CVE-2008-6731

February 26, 2023 by

Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.

CVE-2008-6742

February 26, 2023 by

Foxy P2P software allows remote attackers to cause a denial of service (memory consumption) via a foxy URI with a download action and a large fs value.

CVE-2008-6745

February 26, 2023 by

index.php in BlogPHP 2.0 allows remote attackers to gain administrator privileges via a crafted email parameter in a register2 action.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 6
  • Go to page 7
  • Go to page 8
  • Go to page 9
  • Go to page 10
  • Interim pages omitted …
  • Go to page 681
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE