Max CVSS 10.0 Min CVSS 4.3 Total Count12
IDCVSSSummaryLast (major) updatePublished
CVE-2008-4558 6.8
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.
29-10-2012 - 23:17 14-10-2008 - 20:00
CVE-2008-4556 10.0
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.
07-03-2011 - 22:12 14-10-2008 - 18:36
CVE-2007-2556 7.5
SQL injection vulnerability in Nuked-klaN 1.7.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, as demonstrated by a request to the /nk/ URI.
07-03-2011 - 21:54 09-05-2007 - 14:19
CVE-2008-6082 5.0
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.
20-08-2009 - 01:24 06-02-2009 - 06:30
CVE-2008-4649 7.5
Session fixation vulnerability in Elxis CMS 2008.1 revision 2204 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
22-07-2009 - 00:00 21-10-2008 - 20:11
CVE-2008-5665 7.5
SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter.
29-01-2009 - 01:59 18-12-2008 - 20:52
CVE-2008-4732 7.5
SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter.
29-01-2009 - 01:57 24-10-2008 - 06:30
CVE-2008-4705 7.5
SQL injection vulnerability in success_story.php in php Online Dating Software MyPHPDating allows remote attackers to execute arbitrary SQL commands via the id parameter.
29-01-2009 - 01:57 23-10-2008 - 13:17
CVE-2008-4704 10.0
PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
29-01-2009 - 01:57 23-10-2008 - 13:17
CVE-2008-4645 9.0
plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function.
29-01-2009 - 01:57 21-10-2008 - 20:11
CVE-2008-4588 10.0
Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command.
29-01-2009 - 01:56 15-10-2008 - 18:45
CVE-2008-4648 4.3
Cross-site scripting (XSS) vulnerability in index.php in Elxis CMS 2008.1 revision 2204 allows remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO or the (2) option, (3) Itemid, (4) id, (5) task, (6) bid, and (7) contact_id
22-10-2008 - 00:00 21-10-2008 - 20:11
Back to Top Mark selected
Back to Top