Export limit exceeded: 351680 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351680 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0851 | 1 Dokeos | 1 E-learning System | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php, (2) courseCode parameter to main/calendar/myagenda.php, (3) category parameter to main/admin/course_category.php, (4) message parameter to main/admin/session_list.php in a show_message action, and (5) an avatar image to main/auth/profile.php. | ||||
| CVE-2008-0846 | 2 Joomla, Mambo | 2 Com Profile, Com Profile | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter. | ||||
| CVE-2008-0847 | 1 Xoops | 1 Mytopics | 2026-04-23 | N/A |
| SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter. | ||||
| CVE-2008-0849 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. | ||||
| CVE-2008-0854 | 2 Joomla, Mambo | 2 Com Salesrep, Com Salesrep | 2026-04-23 | N/A |
| SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | ||||
| CVE-2008-0855 | 2 Joomla, Mambo | 2 Com Facileforms, Com Facileforms | 2026-04-23 | N/A |
| SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2008-0857 | 1 Woltlab | 1 Burning Board | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page. | ||||
| CVE-2008-0863 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further attacks. | ||||
| CVE-2008-0865 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2026-04-23 | N/A |
| Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors. | ||||
| CVE-2008-0866 | 1 Bea | 1 Weblogic Workshop | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web script or HTML via an invalid action URI, which is not properly handled by NetUI page flows. | ||||
| CVE-2008-0868 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 allows remote authenticated users to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-0895 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers. | ||||
| CVE-2008-0872 | 1 Smartertools | 1 Smartermail Enterprise | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message. | ||||
| CVE-2008-0870 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2026-04-23 | N/A |
| BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. | ||||
| CVE-2008-0873 | 1 Jlmzone | 1 Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action. | ||||
| CVE-2008-0874 | 1 Xoops | 1 Eempregos Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | ||||
| CVE-2008-0875 | 1 Hitachi | 1 Eur Print Manager | 2026-04-23 | N/A |
| Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products, 05-06 through 05-06-/B and 05-08 allows remote attackers to cause a denial of service (service hang or termination) via unspecified vectors related to "unexpected data." | ||||
| CVE-2008-0876 | 1 Hitachi | 2 Sewb3 Mi-platform, Sewb3 Platform | 2026-04-23 | N/A |
| Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) via "invalid data." | ||||
| CVE-2008-0878 | 1 Runcms | 1 Myannonces | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | ||||
| CVE-2008-0879 | 1 Phpnuke | 1 Web Links Module | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. | ||||