Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3763 1 Turnkeywebtools 1 Php Live Helper 2026-04-23 N/A
Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when register_globals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file.
CVE-2008-3764 1 Turnkeywebtools 1 Php Live Helper 2026-04-23 N/A
Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php.
CVE-2008-3765 1 Discountedscripts 1 Quick Poll Script 2026-04-23 N/A
SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3771 1 Pars4u 1 Videosharing 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter.
CVE-2008-3769 1 Openfreeway 1 Freeway 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/create_order_new.php in Freeway 1.4.1.171, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the include_page parameter.
CVE-2008-3772 1 Pars4u 1 Videosharing 2026-04-23 N/A
SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-3774 1 Simasy 1 Simasy Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3776 1 Fujitsu 1 Web Based Admin View 2026-04-23 N/A
Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
CVE-2008-3802 1 Cisco 1 Ios 2026-04-23 N/A
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801.
CVE-2008-3808 1 Cisco 1 Ios 2026-04-23 N/A
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.
CVE-2008-3809 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.
CVE-2008-3810 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811.
CVE-2008-3812 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
CVE-2008-3813 1 Cisco 1 Ios 2026-04-23 N/A
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.
CVE-2008-3820 1 Cisco 1 Security Manager 2026-04-23 N/A
Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
CVE-2008-3829 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2026-04-23 N/A
Unspecified vulnerability in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) via unknown vectors.
CVE-2008-3830 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2026-04-23 N/A
Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.
CVE-2008-3846 1 Aquagardensoft 1 Mysql-lists 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3828 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2026-04-23 N/A
Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
CVE-2008-3840 1 Craftysyntax 1 Crafty Syntax Live Help 2026-04-23 N/A
Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.