Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2048 1 Aspindir 1 Angelo-emlak 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter.
CVE-2008-2049 1 E-post Corporation 1 Mail Server 2026-04-23 N/A
The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message.
CVE-2008-2058 1 Cisco 2 Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.
CVE-2008-2059 1 Cisco 2 Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors.
CVE-2008-2060 1 Cisco 1 Intrusion Prevention System 2026-04-23 N/A
Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5.x before 5.1(8)E2 and 6.x before 6.0(5)E2, when inline mode and jumbo Ethernet support are enabled, allows remote attackers to cause a denial of service (panic), and possibly bypass intended restrictions on network traffic, via a "specific series of jumbo Ethernet frames."
CVE-2008-2061 1 Cisco 1 Unified Communications Manager 2026-04-23 N/A
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.
CVE-2008-2057 1 Cisco 2 Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.
CVE-2008-2067 1 Minibb 1 Minibb 2026-04-23 N/A
SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions before 3.0.1 are also vulnerable.
CVE-2008-2076 1 Actualscripts 1 Actualanalyzer Lite 2026-04-23 N/A
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter.
CVE-2008-2077 1 Plain Black 1 Webgui 2026-04-23 N/A
Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown impact and attack vectors related to "data form list view."
CVE-2008-2078 1 Robocode 1 Robocode 2026-04-23 N/A
Robocode before 1.6.0 allows user-assisted remote attackers to "access the internals of the Robocode game" via unspecified vectors related to the AWT Event Queue.
CVE-2008-2082 1 Siteman 1 Siteman 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message.
CVE-2008-2083 1 Prozilla 1 Hosting Index 2026-04-23 N/A
SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-2084 2 Myarticles, Runcms 2 Myarticles, Myarticles Module 2026-04-23 N/A
SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a listarticles action.
CVE-2008-2094 1 Xoops 1 Article Module 2026-04-23 N/A
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2095 3 Joomla, Mambo, Page-flip-tools 3 Com Flippingbook, Com Flippingbook, Flipping Book 2026-04-23 N/A
SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVE-2008-2096 1 Backlinkspider 1 Backlink Spider 2026-04-23 N/A
SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php.
CVE-2008-2116 1 Scriptsez 1 Power Editor 2026-04-23 N/A
Multiple directory traversal vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) te and (2) dir parameters in a tempedit action.
CVE-2008-2100 1 Vmware 8 Ace, Esx, Esx Server and 5 more 2026-04-23 N/A
Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
CVE-2008-2104 1 Mozilla 1 Bugzilla 2026-04-23 N/A
The WebService in Bugzilla 3.1.3 allows remote authenticated users without canconfirm privileges to create NEW or ASSIGNED bug entries via a request to the XML-RPC interface, which bypasses the canconfirm check.