Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1855 1 Mcafee 1 Cma 2026-04-23 N/A
FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and earlier, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote attackers to corrupt memory and cause a denial of service (CMA Framework service crash) via a long invalid method in requests for the /spin//AVClient//AVClient.csp URI, a different vulnerability than CVE-2006-5274.
CVE-2008-1858 1 724cms 1 724cms 2026-04-23 N/A
SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-1867 1 Pixel Motion 1 Pixel Motion Blog 2026-04-23 N/A
SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion) allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php.
CVE-2008-1869 1 Site Sift Media 1 Site Sift Listings 2026-04-23 N/A
SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific.
CVE-2008-1870 1 Geek247 1 Pigmy-sql 2026-04-23 N/A
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1871 1 Scriptsagent 1 Links Directory 2026-04-23 N/A
SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-2189 1 Anserv 1 Auction Xl 2026-04-23 N/A
SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-1886 1 Cdnetworks 1 Download Client 2026-04-23 N/A
The NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be used by arbitrary web sites to host exploit code that targets this control.
CVE-2008-1888 1 Microsoft 1 Sharepoint Server 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.
CVE-2008-1900 1 Carbon Communities 1 Carbon Communities 2026-04-23 N/A
option_Update.asp in Carbon Communities 2.4 and earlier allows remote attackers to edit arbitrary member information via a modified ID field.
CVE-2008-1884 1 Wikepage 1 Opus 2026-04-23 N/A
Directory traversal vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to read arbitrary files via directory traversal sequences in the wiki parameter, a different vector than CVE-2006-4418.
CVE-2008-1890 2 Azrul, Joomla 2 Jom Comment, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1906 1 Cpcommerce 1 Cpcommerce 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in calendar.php in cpCommerce 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the year parameter in a view.year action.
CVE-2008-1907 1 Cpcommerce 1 Cpcommerce 2026-04-23 N/A
Multiple SQL injection vulnerabilities in functions/display_page.func.php in cpCommerce 1.1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_product, (2) id_manufacturer, and (3) id_category parameters to unspecified components. NOTE: this probably overlaps CVE-2007-2959 and CVE-2007-2890.
CVE-2008-1909 1 Chadha Software Technologies 1 Phpkb Knowledge Base 2026-04-23 N/A
SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-1910 1 Borland 1 Interbase 2026-04-23 N/A
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244.
CVE-2008-1914 1 Bigantsoft 1 Bigant Messenger 2026-04-23 N/A
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.
CVE-2008-1919 1 Yourfreeworld 1 Apartment Search Script 2026-04-23 N/A
SQL injection vulnerability in listtest.php in YourFreeWorld Apartment Search Script allows remote attackers to execute arbitrary SQL commands via the r parameter.
CVE-2008-1917 1 Amfphp 1 Amfphp 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in AMFPHP 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) class parameter to (a) methodTable.php, (b) code.php, and (c) details.php in browser/; and the (2) location parameter to browser/code.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1933 1 Microsoft 1 Zune Software 2026-04-23 N/A
Absolute path traversal vulnerability in a certain ActiveX control in Zune allows user-assisted remote attackers to overwrite arbitrary files via the SaveToFile method. NOTE: the victim must explicitly allow the code to run.