Search Results (363680 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5775 1 Apertoblog 1 Apertoblog 2026-04-23 N/A
SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0015 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in fseventsd in the FSEvents framework in Apple Mac OS X 10.5.6 allows local users to obtain sensitive information (filesystem activities and directory names) via unknown vectors related to "credential management."
CVE-2008-3033 1 Rss Aggregator 1 Rss Aggregator 2026-04-23 N/A
RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote attackers to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to supprimer_flux.php and (2) a TpsRafraich request to modifier_tps_rafraich.php.
CVE-2008-5777 1 Cadenix 1 Cadenix 2026-04-23 N/A
SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-3034 1 Rss Aggregator 1 Rss Aggregator 2026-04-23 N/A
Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) IdFlux parameter to admin/fonctions/supprimer_flux.php and the (2) IdTag parameter to admin/fonctions/supprimer_tag.php.
CVE-2008-3035 1 Xchangeboard 1 Xchangeboard 2026-04-23 N/A
SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter.
CVE-2008-3036 1 Cms Little 1 Cms Little 2026-04-23 N/A
Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter.
CVE-2008-5783 1 V3chat 1 V3 Chat Live Support 2026-04-23 N/A
admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.
CVE-2008-3040 1 Typo3 1 Dam Frontend Extension 2026-04-23 N/A
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2008-5785 1 V3chat 1 V3 Chat Profiles Dating Script 2026-04-23 N/A
SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
CVE-2008-3041 1 Typo3 1 Dam Frontend Extension 2026-04-23 N/A
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "broken access control."
CVE-2008-3042 1 Typo3 1 Dam Frontend Extension 2026-04-23 N/A
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Improper Error Handling."
CVE-2008-3043 1 Typo3 1 Wec Discussion Forum 2026-04-23 N/A
Unspecified vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows attackers to execute arbitrary code via vectors related to "certain file types."
CVE-2008-5786 1 Infrae 2 Silva, Silva Find 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter.
CVE-2008-3044 1 Typo3 1 News Calendar Extension 2026-04-23 N/A
SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3045 1 Typo3 1 Industry Database 2026-04-23 N/A
Unspecified vulnerability in the Industry Database (aka Branchendatenbank pro_industrydb) extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."
CVE-2008-3047 1 Typo3 1 Kb Unpack Extension 2026-04-23 N/A
Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors.
CVE-2008-3050 1 Typo3 1 Pdf Generator 2 Extension 2026-04-23 N/A
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors.
CVE-2008-3054 1 Typo3 1 Branchenbuch Extension 2026-04-23 N/A
SQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (mh_branchenbuch) extension 0.8.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5787 2 Arabportal, Microsoft 2 Arab Portal, Windows 2026-04-23 N/A
Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, in conjunction with a show action.