Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6185 1 Noticeware 1 Noticeware Email Server Ng 2026-04-23 N/A
NoticeWare Email Server NG 5.1.2.2 allows remote attackers to cause a denial of service (crash) via multiple POP3 requests with a long PASS command.
CVE-2008-6188 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_edit[] parameter.
CVE-2008-6189 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not properly handled in database-pgsql.php.
CVE-2008-6443 1 Phpkf 1 Phpkf 2026-04-23 N/A
SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter.
CVE-2008-6200 1 Wiki 1 Swiki 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow remote attackers to inject arbitrary web script or HTML via (1) the query string and (2) a new wiki entry.
CVE-2008-6201 1 Kwsphp 1 Kwsphp 2026-04-23 N/A
Directory traversal vulnerability in help.php in the eskuel module in KwsPHP 1.3.456, as available before 20080416, allows remote attackers to execute arbitrary commands via the action parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6209 1 Vastal 1 Software Zone 2026-04-23 N/A
SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-6207 1 Phpg Upload 1 Phpg Upload 2026-04-23 N/A
Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6215 1 Bookingcentre 1 Booking System For Hotels Group 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in cadena_ofertas_ext.php in Venalsur Booking Centre Booking System for Hotels Group allows remote attackers to inject arbitrary web script or HTML via the OfertaID parameter.
CVE-2008-6216 1 Bookingcentre 1 Booking System For Hotels Group 2026-04-23 N/A
SQL injection vulnerability in cadena_ofertas_ext.php in Venalsur Booking Centre Booking System for Hotels Group allows remote attackers to execute arbitrary SQL commands via the OfertaID parameter.
CVE-2008-6228 1 Preproject 1 Pre Multi-vendor Shopping Malls 2026-04-23 N/A
Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
CVE-2008-6231 1 Preprojects 1 Pre Classified Listings 2026-04-23 N/A
Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
CVE-2008-6232 1 Preprojects 1 Pre Shopping Mall 2026-04-23 N/A
Pre Shopping Mall allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
CVE-2008-6233 1 Fivedollarscripts 1 Drinks 2026-04-23 N/A
SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attackers to execute arbitrary SQL commands via the recid parameter.
CVE-2008-6244 1 Scripts-for-sites 1 Ez Gaming Cheats 2026-04-23 N/A
SQL injection vulnerability in view_reviews.php in Scripts for Sites (SFS) EZ Gaming Cheats allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6245 1 Scripts-for-sites 1 Ez Biz Pro 2026-04-23 N/A
SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ BIZ PRO allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6246 1 Scripts-for-sites 1 Ez Webring 2026-04-23 N/A
SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-6247 1 Scripts-for-sites 1 Ez Top Sites 2026-04-23 N/A
SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) EZ Top Sites allows remote attackers to execute arbitrary SQL commands via the ts parameter.
CVE-2008-6254 1 Jadu 1 Jadu Galaxies 2026-04-23 N/A
SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to execute arbitrary SQL commands via the categoryID parameter.
CVE-2008-6257 1 Openasp 1 Openasp 2026-04-23 N/A
SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idpage parameter in the pages module.