Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4905 1 Typosphere 1 Typo 2026-04-23 7.5 High
Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack.
CVE-2008-4954 1 Fumitoshi Ukai 1 Fml 2026-04-23 N/A
mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file.
CVE-2008-4942 1 Audiolink 1 Audiolink 2026-04-23 N/A
audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files.
CVE-2008-4923 1 Mw6 Technologies 1 Aztec Activex 2026-04-23 N/A
Multiple insecure method vulnerabilities in MW6 Technologies Aztec ActiveX control (AZTECLib.MW6Aztec, Aztec.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods.
CVE-2008-4936 1 Gert Doering 1 Mgetty 2026-04-23 N/A
faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.
CVE-2008-4940 1 Aptoncd 1 Aptoncd 2026-04-23 N/A
xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file.
CVE-2008-4941 1 Arb Project 1 Arb-common 2026-04-23 N/A
arb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/arb_fdnaml_*, (b) /tmp/arb_pids_*, (c) /tmp/arbdsmz.html, and (d) /tmp/arbdsmz.htm temporary files, related to the (1) arb_fastdnaml and (2) dszmconnect.pl scripts.
CVE-2008-4947 1 Guus Sliepen 1 Dhis-server 2026-04-23 N/A
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.
CVE-2008-4948 1 Nostatic 1 Digitaldj 2026-04-23 N/A
fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file.
CVE-2008-4960 1 Dov Grobgeld 1 Impose\+ 2026-04-23 N/A
impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files.
CVE-2008-4964 1 Krzysztof Kozlowski 1 Konwert 2026-04-23 N/A
filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file.
CVE-2008-4074 1 Zanfi Solutions 1 Autodealers Cms Autonline 2026-04-23 N/A
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
CVE-2008-4073 1 Zanfi Solutions 1 Autodealers Cms Autonline 2026-04-23 N/A
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action.
CVE-2008-4072 1 Phsdev 1 Phsblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter in a pickup action or (2) the sql_cid parameter, different vectors than CVE-2008-3588.
CVE-2008-4075 1 Dino 1 D-iscussion Board 2026-04-23 N/A
Directory traversal vulnerability in index.php in D-iscussion Board 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter.
CVE-2008-4052 1 Hp 1 Openvms 2026-04-23 N/A
Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3 allows local users to cause a denial of service (crash) or gain privileges via unspecified vectors.
CVE-2008-4040 1 Kyocera Mita 1 Fs 118mfp 2026-04-23 N/A
Directory traversal vulnerability in the Kyocera Command Center in Kyocera FS-118MFP allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
CVE-2008-3128 1 Pivot 1 Pivot 2026-04-23 N/A
Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter.
CVE-2008-3129 1 Catviz 1 Catviz 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the (1) foreign_key_value parameter in the news page and (2) webpage parameter in the webpage_multi_edit form.
CVE-2008-3131 1 Powie 1 Psys 2026-04-23 N/A
SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter.