Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0700 1 Crux Software 1 Cruxcms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0711 1 Hp 4 Bl860c, Rx2660, Rx3600 and 1 more 2026-04-23 N/A
Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors (iLO-2 MP), as used in Integrity Servers rx2660, rx3600, and rx6600, and Integrity Blade Server model bl860c, allows remote attackers to cause a denial of service via unknown vectors.
CVE-2008-0712 1 Hp 1 Software Update 2026-04-23 N/A
Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513.
CVE-2008-0706 2 Compaq, Hp 4 Presario A900, Presario C700, G7000 and 1 more 2026-04-23 N/A
Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password.
CVE-2008-0707 1 Hp 2 Hp-ux, Storageworks Library And Tape Tools 2026-04-23 N/A
HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors.
CVE-2008-0749 1 Calimero.cms 1 Calimero.cms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Calimero.CMS 3.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a calimero_webpage action.
CVE-2008-0728 1 Clamav 1 Clamav 2026-04-23 N/A
The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."
CVE-2008-0723 1 Planetluc 1 Mynews 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews 1.6.4, and other earlier 1.6.x versions, allows remote attackers to inject arbitrary web script or HTML via the hash parameter in an admin action to index.php, a different vulnerability than CVE-2006-2208.1.
CVE-2008-0734 1 Limbo Cms 1 Limbo Cms 2026-04-23 N/A
SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the cuid cookie parameter to admin.php.
CVE-2008-0737 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter.
CVE-2008-0735 1 Auracms 1 Auracms 2026-04-23 N/A
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter.
CVE-2008-0739 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
SQL injection vulnerability in admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and earlier 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the FedExAccount parameter.
CVE-2008-0736 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly other 4.x and 3.x versions, allows remote attackers to obtain the path via a certain value of the FedExAccount parameter.
CVE-2008-0744 1 Preprojects.com 1 Pre Hotels \& Resorts Management System 2026-04-23 N/A
SQL injection vulnerability in user_login.asp in PreProjects.com Pre Hotels & Resorts Management System allows remote attackers to execute arbitrary SQL commands via the login page.
CVE-2008-0745 1 Domphp 1 Domphp 2026-04-23 N/A
Directory traversal vulnerability in aides/index.php in DomPHP 0.82 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
CVE-2008-0757 1 Mercuryboard 1 Mercuryboard Message Board 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in MercuryBoard 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter (aka the message text area), which leads to an injection in the messenger during private message (PM) preview. NOTE: some of these details are obtained from third party information.
CVE-2008-0763 1 Larson Software Technology 1 Network Print Server 2026-04-23 N/A
Stack-based buffer overflow in NPSpcSVR.exe in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier allows remote attackers to execute arbitrary code via a long argument in a LICENSE command on TCP port 3114.
CVE-2008-0766 2 Brooks Internet Software, Microsoft 3 Rpm Remote Print Manager Elite, Rpm Remote Print Manager Select, Windows 2026-04-23 N/A
Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print Manager (RPM) 4.5.1.11 and earlier (Elite and Select) for Windows allows remote attackers to execute arbitrary code via a long filename in a "Receive data file" LPD command. NOTE: some of these details are obtained from third party information.
CVE-2008-0764 1 Larson Software Technology 1 Network Print Server 2026-04-23 N/A
Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114.
CVE-2008-0774 1 Loris 1 Hotel Reservation System 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.cgi in Loris Hotel Reservation System 3.01 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the hotel_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.