Export limit exceeded: 367161 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367161 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4458 | 1 E-php Scripts | 1 B2b Trading Marketplace Script | 2026-04-23 | N/A |
| SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action. | ||||
| CVE-2008-4459 | 1 Extrovert Software | 1 Thyme | 2026-04-23 | N/A |
| SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4461 | 1 Vastal I-tech | 1 Dating Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter. | ||||
| CVE-2008-4462 | 1 Vastal I-tech | 1 Visa Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-4463 | 1 Vastal I-tech | 1 Jobs Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-4464 | 1 Vastal I-tech | 1 Mag Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-4465 | 1 Vastal I-tech | 1 Dvd Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-4466 | 1 Vastal I-tech | 1 Cosmetics Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_products_cat.php in Vastal I-Tech Cosmetics Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-4467 | 1 Vastal I-tech | 1 Toner Cart | 2026-04-23 | N/A |
| SQL injection vulnerability in show_series_ink.php in Vastal I-Tech Toner Cart allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4468 | 1 Vastal I-tech | 1 Share Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Share Zone allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4469 | 1 Vastal I-tech | 1 Freelance Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_cresume.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the coder_id parameter. | ||||
| CVE-2008-4470 | 1 Numark | 1 Cue | 2026-04-23 | N/A |
| Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assisted attackers to cause a denial of service (application crash) or execute arbitrary code via an M3U playlist file that contains a long absolute pathname. | ||||
| CVE-2008-4471 | 1 Autodesk | 3 Design Review, Dwf Viewer, Revit Architecture | 2026-04-23 | N/A |
| Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method. | ||||
| CVE-2008-4472 | 1 Autodesk | 3 Design Review, Dwf Viewer, Revit Architecture | 2026-04-23 | N/A |
| The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method. | ||||
| CVE-2008-4473 | 2 Adobe, Microsoft | 2 Flash Player, Windows | 2026-04-23 | N/A |
| Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters. | ||||
| CVE-2008-4474 | 1 Freeradius | 1 Freeradius | 2026-04-23 | N/A |
| freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct. | ||||
| CVE-2008-4475 | 1 Gnu | 1 Ibackup | 2026-04-23 | N/A |
| ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2008-4476 | 1 Sympa | 1 Sympa | 2026-04-23 | N/A |
| sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability. | ||||
| CVE-2008-4477 | 1 Jim Trocki | 1 Mon | 2026-04-23 | N/A |
| alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink attack on the test.alert.log temporary file. | ||||
| CVE-2008-4495 | 1 Select Development Solutions | 1 Php Auto Dealer | 2026-04-23 | N/A |
| SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter. | ||||