| Max CVSS | 10.0 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-0662 | 7.2 |
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privi
|
25-01-2024 - 21:31 | 08-02-2008 - 02:00 | |
| CVE-2008-0075 | 10.0 |
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages.
|
23-11-2020 - 19:49 | 12-02-2008 - 21:00 | |
| CVE-2016-7132 | 5.0 |
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is
|
16-11-2020 - 19:26 | 12-09-2016 - 01:59 | |
| CVE-2008-0080 | 10.0 |
Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response.
|
30-10-2018 - 16:26 | 12-02-2008 - 23:00 | |
| CVE-2008-0944 | 5.0 |
Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote attackers to cause a denial of service (NULL dereference and application crash) via a version field containing zero.
|
15-10-2018 - 22:03 | 25-02-2008 - 21:44 | |
| CVE-2008-0945 | 3.5 |
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unsp
|
15-10-2018 - 22:03 | 25-02-2008 - 21:44 | |
| CVE-2008-0946 | 4.9 |
Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field.
|
15-10-2018 - 22:03 | 25-02-2008 - 21:44 | |
| CVE-2008-7242 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1 allo remote attackers to inject arbitrary web script or HTML via the (1) search, (2) "a," (3) messagesubject, and (4) messagebody parameters to certain pages as rea
|
11-10-2018 - 20:58 | 17-09-2009 - 18:30 | |
| CVE-2008-7243 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS 0.9.6.1 and 0.9.6.1p1 allows remote attackers to hijack the authentication of other users for requests that modify passwords via manager/index.php. NOTE: due to the lack of detai
|
11-10-2018 - 20:58 | 17-09-2009 - 18:30 | |
| CVE-2008-5581 | 7.5 |
PHP remote file inclusion vulnerability in mini-pub.php/front-end/img.php in mini-pub 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the sFileName parameter.
|
11-10-2018 - 20:56 | 15-12-2008 - 18:00 | |
| CVE-2008-5580 | 7.5 |
mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the sFileName argument.
|
11-10-2018 - 20:56 | 15-12-2008 - 18:00 | |
| CVE-2008-5579 | 5.0 |
Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter.
|
11-10-2018 - 20:56 | 15-12-2008 - 18:00 | |
| CVE-2005-0448 | 1.2 |
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
|
03-10-2018 - 21:29 | 02-05-2005 - 04:00 | |
| CVE-2008-6324 | 7.5 |
SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
|
29-09-2017 - 01:33 | 27-02-2009 - 11:30 | |
| CVE-2008-6323 | 7.5 |
SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
|
29-09-2017 - 01:33 | 27-02-2009 - 11:30 | |
| CVE-2008-0772 | 7.5 |
SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.
|
29-09-2017 - 01:30 | 14-02-2008 - 00:00 | |
| CVE-2008-0721 | 7.5 |
SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter.
|
29-09-2017 - 01:30 | 12-02-2008 - 02:00 | |
| CVE-2013-4066 | 4.3 |
IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to conduct clickjacking attacks by creating an overlay interface on top of the Web Console interface.
|
29-08-2017 - 01:33 | 02-10-2013 - 22:55 | |
| CVE-2012-5906 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in GreenBrowser 6.1.0117 and 6.1.0216 allow remote attackers to inject arbitrary web script or HTML via (1) the URI in an about: page or (2) the last visited URL in the LastVisitWriteEn function in
|
29-08-2017 - 01:32 | 17-11-2012 - 21:55 | |
| CVE-2008-7223 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, or (5) plugins/s
|
15-09-2009 - 04:00 | 14-09-2009 - 14:30 | |
| CVE-2001-1341 | 5.0 |
The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi program by default, which allows remote attackers to obtain sensitive network information via a request to the program.
|
10-09-2008 - 19:10 | 24-05-2001 - 04:00 |