• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2008-5022

February 26, 2023 by

The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.

CVE-2008-4783

February 26, 2023 by

tlAds 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the tlAds_login cookie to “admin.”

CVE-2008-4784

February 26, 2023 by

aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to “A” or “O” in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4) edit_form.php.

CVE-2008-4708

February 26, 2023 by

BbZL.PhP 0.92 allows remote attackers to bypass authentication and gain administrative access by setting the phorum_admin_session cookie to 1.

CVE-2008-4714

February 26, 2023 by

Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies.

CVE-2008-4721

February 26, 2023 by

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to “logged.”

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 15
  • Go to page 16
  • Go to page 17
  • Go to page 18
  • Go to page 19
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE