Total
5306 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2228 | 1 Cyberfolio | 1 Cyberfolio | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in portfolio/commentaires/derniers_commentaires.php in Cyberfolio 7.12, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep parameter. | ||||
| CVE-2006-4695 | 1 Microsoft | 1 Office Web Components | 2025-04-09 | N/A |
| Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via a crafted URL, aka "Office Web Components URL Parsing Vulnerability." | ||||
| CVE-2008-2436 | 1 Novell | 1 Iprint Client | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx. | ||||
| CVE-2008-2296 | 1 Rgboard | 1 Rgboard | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in Rgboard 3.0.12 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter. | ||||
| CVE-2008-2270 | 1 Phpway | 1 Kostenloses Linkmanagementscript | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenloses Linkmanagementscript allow remote attackers to execute arbitrary PHP code via a URL in the (1) main_page_directory and (2) page_to_include parameters in template\index.php. | ||||
| CVE-2008-2233 | 1 Openwsman | 1 Openwsman | 2025-04-09 | N/A |
| The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, allows remote Openwsman servers to replay SSL sessions via unspecified vectors. | ||||
| CVE-2008-2383 | 2 Invisible-island, Redhat | 2 Xterm, Enterprise Linux | 2025-04-09 | N/A |
| CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071. | ||||
| CVE-2008-2224 | 1 Sazcart | 1 Sazcart | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _saz[settings][site_dir] parameter to layouts/default/header.saz.php and the (2) _saz[settings][site_url] parameter to admin/alayouts/default/pages/login.php. | ||||
| CVE-2007-5167 | 1 Phplister | 1 Phplister | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in .systeme/fonctions.php in phpLister 0.5-pre2 allows remote attackers to execute arbitrary PHP code via a URL in the nom_rep_systeme parameter. | ||||
| CVE-2008-5947 | 1 Yapbb | 1 Yapbb | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in include/class_yapbbcooker.php in YapBB 1.2.Beta 2 allows remote attackers to execute arbitrary PHP code via a URL in the cfgIncludeDirectory parameter. | ||||
| CVE-2008-2199 | 1 Kkeim | 1 Kmita Mail | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in kmitaadmin/kmitam/htmlcode.php in Kmita Mail 3.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | ||||
| CVE-2008-2195 | 1 Deluxebb | 1 Deluxebb | 2025-04-09 | N/A |
| Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and earlier allows remote authenticated administrators to inject arbitrary PHP code into logs/cp.php via the URI. | ||||
| CVE-2008-2253 | 1 Microsoft | 3 Windows-nt, Windows Media Player, Windows Xp | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability." | ||||
| CVE-2008-2230 | 1 Reportbug-ng | 2 Reportbug, Reportbug-ng | 2025-04-09 | N/A |
| Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory. | ||||
| CVE-2008-2220 | 1 Interact | 1 Interact | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) CONFIG[LANGUAGE_CPATH] parameter to modules/forum/embedforum.php and the (2) CONFIG[BASE_PATH] parameter to modules/scorm/lib.inc.php, different vectors than CVE-2006-4448. | ||||
| CVE-2007-5842 | 1 Vortex Portal | 1 Vortex Portal | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Vortex Portal 1.0.42 allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter to (1) admincp/auth/secure.php or (2) admincp/auth/checklogin.php. | ||||
| CVE-2007-5841 | 1 Nuboard | 1 Nuboard | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter. | ||||
| CVE-2008-2193 | 1 Scorpnews | 1 Scorpnews | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in example.php in Thomas Gossmann ScorpNews 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter. | ||||
| CVE-2008-2160 | 1 Microsoft | 1 Windows Embedded Compact | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted (1) JPEG and (2) GIF images. | ||||
| CVE-2008-2041 | 1 Egroupware | 1 Egroupware | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and "grave" impact when the web server has write access to a directory under the web document root. | ||||