Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6264 1 E-topbiz 1 Slide Popups 2026-04-23 N/A
SQL injection vulnerability in admin/admin.php in E-topbiz Slide Popups 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2008-6265 1 Cyberfolio 1 Cyberfolio 2026-04-23 N/A
Directory traversal vulnerability in portfolio/css.php in Cyberfolio 7.12.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter.
CVE-2008-6266 1 Appstate 1 Phpwebsite 2026-04-23 N/A
SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.
CVE-2008-6267 1 Sadi Samami 1 Multi Languages Webshop Online 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in detail.php in Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2008-6271 1 Tbmnet 1 Tbmnetcms 2026-04-23 N/A
Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the content parameter.
CVE-2008-6272 1 Miticdjd 1 Apoll 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL command via the pass parameter.
CVE-2008-6281 1 Bluocms 1 Bluo Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Bluo CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6282 1 Ortus.nirn 1 Cms Ortus 2026-04-23 N/A
SQL injection vulnerability in engine/users/users_edit_pub.inc in CMS Ortus 1.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the city parameter in a users_edit_pub action to index.php.
CVE-2008-6283 1 Subtextproject 1 Subtext 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote attackers to inject arbitrary web script or HTML via a comment, related to "the feature which converts URLs to anchor tags."
CVE-2008-6293 1 Accscripts 1 Acc Real Estate 2026-04-23 N/A
admin/Index.php in Acc Real Estate 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie to "admin."
CVE-2008-6301 2 Phpbb, Prezmo 2 Phpbb, Small Shoutbox 2026-04-23 N/A
SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action.
CVE-2008-6304 1 Xt-commerce 1 Xt-commerce 2026-04-23 N/A
SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled and the SEO URLs are activated, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6305 1 Freedirectoryscript 1 Free Directory Script 2026-04-23 N/A
PHP remote file inclusion vulnerability in init.php in Free Directory Script 1.1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the API_HOME_DIR parameter.
CVE-2008-6334 1 Emetrix 1 Extract Website 2026-04-23 N/A
Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
CVE-2008-6310 1 W3matter 1 Revsense 2026-04-23 N/A
SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6312 1 Manzovi 1 Proquiz 2026-04-23 N/A
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-6314 1 Phpbb 2 Phpbb, Tag Board 2026-04-23 N/A
SQL injection vulnerability in tag_board.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action.
CVE-2008-6320 1 Cfshopkart 1 Cf Shopkart 2026-04-23 N/A
SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action.
CVE-2008-6322 1 Cfmsource 1 Cfmblog 2026-04-23 N/A
SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
CVE-2008-6323 1 Cfmsource 1 Cf Auction 2026-04-23 N/A
SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.