Max CVSS 7.8 Min CVSS 4.3 Total Count20
IDCVSSSummaryLast (major) updatePublished
CVE-2008-4362 4.9
The Virtual Token driver (vdlptokn.sys) 1.0.2.43 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) via a crafted IOCTL request to \Device\DLPTokenWalter0.
07-03-2011 - 22:12 30-09-2008 - 19:24
CVE-2008-4243 7.8
Directory traversal vulnerability in ImageServer (aka UTImageServer) in WebAdmin before 1.7 for Epic Games Unreal Tournament 3 (UT3) 1.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
07-03-2011 - 22:12 25-09-2008 - 15:25
CVE-2008-3195 6.8
Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, an
07-03-2011 - 22:10 18-09-2008 - 11:04
CVE-2008-7021 6.0
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct
21-08-2009 - 00:00 21-08-2009 - 10:30
CVE-2008-6464 7.5
SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
19-08-2009 - 01:23 13-03-2009 - 06:30
CVE-2008-6454 7.5
SQL injection vulnerability in section.php in 6rbScript 3.3 allows remote attackers to execute arbitrary SQL commands via the singerid parameter in a singers action.
19-08-2009 - 01:23 13-03-2009 - 06:30
CVE-2008-6453 4.3
Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
19-08-2009 - 01:23 13-03-2009 - 06:30
CVE-2008-6042 7.5
SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php.
19-08-2009 - 01:22 03-02-2009 - 06:30
CVE-2008-6026 7.5
SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
19-08-2009 - 01:22 03-02-2009 - 06:30
CVE-2008-6037 7.5
SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter.
07-08-2009 - 01:17 03-02-2009 - 06:30
CVE-2008-6466 7.5
SQL injection vulnerability in image_gallery.php in the Akira Powered Image Gallery (image_gallery) plugin 0.9.6.2 for e107 allows remote attackers to execute arbitrary SQL commands via the image parameter in an image-detail action.
07-08-2009 - 00:00 13-03-2009 - 06:30
CVE-2008-6467 7.5
SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel Job Site allows remote attackers to execute arbitrary SQL commands via the job_id parameter.
13-03-2009 - 00:00 13-03-2009 - 06:30
CVE-2008-6404 4.3
Cross-site scripting (XSS) vulnerability in add_calendars.php in eXtrovert Software Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the callback parameter.
06-03-2009 - 00:00 06-03-2009 - 06:30
CVE-2008-5968 7.5
Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cookie_language parameter in a phpicalendar_* cookie, a different vector t
05-02-2009 - 01:52 26-01-2009 - 15:30
CVE-2008-5967 7.5
admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentication for an addupdate action, which allows remote attackers to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory ou
05-02-2009 - 01:52 26-01-2009 - 15:30
CVE-2008-6030 7.5
Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php.
03-02-2009 - 00:00 03-02-2009 - 06:30
CVE-2008-5088 7.5
Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909.
29-01-2009 - 01:58 14-11-2008 - 14:20
CVE-2008-4245 6.5
The Admin Control Panel in Rianxosencabos CMS 0.9 does not require administrator privileges, which allows remote authenticated users to (1) change a user's privileges, (2) delete a user account, or perform unspecified other administrative actions via
29-01-2009 - 01:55 25-09-2008 - 15:25
CVE-2008-4244 7.5
Rianxosencabos CMS 0.9 allows remote attackers to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
29-01-2009 - 01:55 25-09-2008 - 15:25
CVE-2008-4112
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3195. Reason: This candidate is a duplicate of CVE-2008-3195. Notes: All CVE users should reference CVE-2008-3195 instead of this candidate. All references and descriptions in t
24-09-2008 - 01:41 16-09-2008 - 19:00
Back to Top Mark selected
Back to Top