• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2008-5721

February 26, 2023 by

SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers to bypass authentication and obtain sensitive information via unspecified vectors.

CVE-2008-5686

February 26, 2023 by

IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its LDAP service is shared with other applications, does not require that an LDAP user be listed in the TPM user records, which allows remote authenticated users to execute SOAP commands that access arbitrary TPM functionality, as demonstrated by running provisioning workflows.

CVE-2008-5692

February 26, 2023 by

Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name.

CVE-2008-5708

February 26, 2023 by

redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.

CVE-2008-5575

February 26, 2023 by

Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

CVE-2008-5576

February 26, 2023 by

admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the current_user[users_level] parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 12
  • Go to page 13
  • Go to page 14
  • Go to page 15
  • Go to page 16
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE