Export limit exceeded: 346173 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346173 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346173 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6023 | 1 Xnova | 1 Xnova | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the xnova_root_path parameter. | ||||
| CVE-2008-6025 | 1 Openelec | 1 Openelec | 2026-04-23 | N/A |
| Directory traversal vulnerability in scr/form.php in openElec 3.01 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the obj parameter. | ||||
| CVE-2008-6026 | 1 Bluecube | 1 Bluecube Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6028 | 1 University Of Queensland | 1 Fez | 2026-04-23 | N/A |
| SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter in a subject action. | ||||
| CVE-2008-6029 | 1 Buzzywall | 1 Buzzywall | 2026-04-23 | N/A |
| SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2008-6030 | 1 Netartmedia | 1 Jobs Portal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php. | ||||
| CVE-2008-6031 | 1 Wsn Links | 1 Wsn Links | 2026-04-23 | N/A |
| SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable. | ||||
| CVE-2008-6032 | 1 Wsn | 1 Links | 2026-04-23 | N/A |
| SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6035 | 1 Achievo | 1 Achievo | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter. | ||||
| CVE-2008-6037 | 1 Availscript | 1 Availscript Article Script | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter. | ||||
| CVE-2008-6038 | 1 Mapcal | 1 Mapcal | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php. | ||||
| CVE-2008-6040 | 1 Agares Media | 1 Arcadem Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php. | ||||
| CVE-2008-6041 | 1 Dataspade | 1 Dataspade | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ViewName, (2) TableName, (3) OrderBy, and (4) FilterField parameters. | ||||
| CVE-2008-6042 | 1 Netartmedia | 1 Real Estate Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php. | ||||
| CVE-2008-6044 | 1 Xt-commerce | 1 Xt-commerce | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in advanced_search_result.php in xt:Commerce 3.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | ||||
| CVE-2008-6045 | 1 Xt-commerce | 1 Xt-commerce | 2026-04-23 | N/A |
| Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter. | ||||
| CVE-2008-6046 | 1 Adbnewssender Project | 1 Adbnewssender | 2026-04-23 | N/A |
| SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) opt_in_out.php.inc, (2) confirmation.php.inc, and (3) renewal.php.inc in mailinglist/. | ||||
| CVE-2008-6047 | 1 Adbnewssender | 1 Adbnewssender | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing. | ||||
| CVE-2008-6048 | 1 Tangocms | 1 Tangocms | 2026-04-23 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS before 2.2.0 allow remote attackers to hijack the authentication of administrators. | ||||
| CVE-2008-6050 | 2 Ircmaxell, Joomla | 2 Tech Article, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php. | ||||